Prepare release 4.0.8

Author: thabart

azure-pipelines.yml

@@ -80,6 +80,17 @@ steps:
     zipAfterPublish: false
     modifyOutputPath: false
     workingDirectory: '$(Build.Repository.LocalPath)\src\CredentialIssuer\SimpleIdServer.CredentialIssuer.Website.Startup'
+
+- task: DotNetCoreCLI@2
+  displayName: 'Publish Mobile application'
+  inputs:
+    command: 'publish'
+    publishWebProjects: false
+    arguments: '-f net7.0-android -c Release -p:AndroidKeyStore=true -p:AndroidSigningKeyStore=sidmobile.keystore -p:AndroidSigningKeyAlias=sidkey -p:AndroidSigningKeyPass=password -p:AndroidSigningStorePass=password'
+    zipAfterPublish: false
+    modifyOutputPath: false
+    workingDirectory: '$(Build.Repository.LocalPath)\src\Mobile\SimpleIdServer.Mobile'
+
 - task: CopyFiles@2
   displayName: 'Copy website'
   inputs:
@@ -162,4 +173,11 @@ steps:
   inputs:
     PathtoPublish: '$(Build.ArtifactStagingDirectory)\credentialissuerwebsite'
     ArtifactName: 'credentialissuerwebsite'
+    publishLocation: 'Container'
+
+- task: PublishBuildArtifacts@1
+  displayName: 'Publish Mobile application'
+  inputs:
+    PathtoPublish: '$(Build.Repository.LocalPath)\src\Mobile\SimpleIdServer.Mobile\bin\Release\net7.0-android\publish'
+    ArtifactName: 'mobileApp'
     publishLocation: 'Container'

default.ps1

@@ -189,6 +189,7 @@ task buildTemplate {
 }
 
 task pack -depends release, compile, buildTemplate {
+	exec { dotnet pack $source_dir\IdServer\SimpleIdServer.IdServer.VerifiablePresentation\SimpleIdServer.IdServer.VerifiablePresentation.csproj -c $config --no-build $versionSuffix --output $result_dir }
 	exec { dotnet pack $source_dir\IdServer\SimpleIdServer.IdServer\SimpleIdServer.IdServer.csproj -c $config --no-build $versionSuffix --output $result_dir }
 	exec { dotnet pack $source_dir\IdServer\SimpleIdServer.IdServer.Domains\SimpleIdServer.IdServer.Domains.csproj -c $config --no-build $versionSuffix --output $result_dir }
 	exec { dotnet pack $source_dir\IdServer\SimpleIdServer.IdServer.Email\SimpleIdServer.IdServer.Email.csproj -c $config --no-build $versionSuffix --output $result_dir }

docker-compose.yml

@@ -28,7 +28,7 @@ services:
     networks:
       proxy_net: null
   scim:
-    image: simpleidserver/scim:4.0.7
+    image: simpleidserver/scim:4.0.8
     environment:
       VIRTUAL_HOST: "scim.localhost.com"
       ASPNETCORE_URLS : "http://*:80"
@@ -40,7 +40,7 @@ services:
     networks:
       proxy_net: null
   idserver:
-    image: simpleidserver/idserver:4.0.7
+    image: simpleidserver/idserver:4.0.8
     environment:
       VIRTUAL_HOST: "idserver.localhost.com"
       ASPNETCORE_URLS : "http://*:80"
@@ -58,7 +58,7 @@ services:
     networks:
       proxy_net: null
   website:
-    image: simpleidserver/website:4.0.7
+    image: simpleidserver/website:4.0.8
     environment:
       VIRTUAL_HOST: "website.localhost.com"
       ASPNETCORE_URLS : "http://*:80"
@@ -73,7 +73,7 @@ services:
     networks:
       proxy_net: null
   credentialissuer:
-    image: simpleidserver/credentialissuer:4.0.7
+    image: simpleidserver/credentialissuer:4.0.8
     environment:
       VIRTUAL_HOST: "credentialissuer.localhost.com"
       ASPNETCORE_URLS : "http://*:80"
@@ -85,7 +85,7 @@ services:
     networks:
       proxy_net: null
   credentialissuerwebsite:
-    image: simpleidserver/credentialissuerwebsite:4.0.7
+    image: simpleidserver/credentialissuerwebsite:4.0.8
     environment:
       VIRTUAL_HOST: "credentialissuerwebsite.localhost.com"
       ASPNETCORE_URLS : "http://*:80"

sid-kubernetes.yaml

@@ -229,7 +229,7 @@ spec:
       subdomain: localhost
       containers:
       - name: scim-deploy
-        image: simpleidserver/scim:4.0.7
+        image: simpleidserver/scim:4.0.8
         ports:
           - containerPort: 80
         env:
@@ -266,7 +266,7 @@ spec:
       subdomain: localhost
       containers:
       - name: idserver-deploy
-        image: simpleidserver/idserver:4.0.7
+        image: simpleidserver/idserver:4.0.8
         ports:
           - containerPort: 80
         env:
@@ -309,7 +309,7 @@ spec:
       subdomain: localhost
       containers:
       - name: website-deploy
-        image: simpleidserver/website:4.0.7
+        image: simpleidserver/website:4.0.8
         ports:
           - containerPort: 80
         env:
@@ -350,7 +350,7 @@ spec:
       subdomain: localhost
       containers:
       - name: credentialissuer-deploy
-        image: simpleidserver/credentialissuer:4.0.7
+        image: simpleidserver/credentialissuer:4.0.8
         ports:
           - containerPort: 80
         env:
@@ -385,7 +385,7 @@ spec:
       subdomain: localhost
       containers:
       - name: credentialissuerwebsite-deploy
-        image: simpleidserver/credentialissuerwebsite:4.0.7
+        image: simpleidserver/credentialissuerwebsite:4.0.8
         ports:
           - containerPort: 80
         env:

src/Templates/templates/SimpleIdServer.CredentialIssuer.Startup/CredentialIssuerConfiguration.cs

@@ -1,5 +1,6 @@
 // Copyright (c) SimpleIdServer. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+using Org.BouncyCastle.Crypto.Agreement;
 using SimpleIdServer.CredentialIssuer.Builders;
 using SimpleIdServer.CredentialIssuer.CredentialFormats;
 using SimpleIdServer.CredentialIssuer.Domains;
@@ -29,7 +30,13 @@ public class CredentialIssuerConfiguration
             {
                 cb.AddTranslation("Name of degree", "en-US");
             })
-            .AddDisplay("University Credential", "en-US", "https://university.example.edu/public/logo.png", "A square logo of a university", null,"#12107c", "#acd2b1")
+            .AddDisplay("University Credential", "en-US", "https://img.freepik.com/premium-vector/logo-university-name-logo-company-called-university_516670-732.jpg", "A square logo of a university", null,"#12107c", "#acd2b1")
             .Build()
     };
+
+    public static List<UserCredentialClaim> CredentialClaims => new List<UserCredentialClaim>
+    {
+        UserCredentialClaimBuilder.Build("administrator", "DegreeName", "Master degree"),
+        UserCredentialClaimBuilder.Build("administrator", "GivenName", "SimpleIdServer")
+    };
 }

src/Templates/templates/SimpleIdServer.CredentialIssuer.Startup/Program.cs

@@ -100,6 +100,7 @@
 .UseInMemoryStore(c =>
 {
     c.AddCredentialConfigurations(CredentialIssuerConfiguration.CredentialConfigurations);
+    c.AddUserCredentialClaims(CredentialIssuerConfiguration.CredentialClaims);
 });
 
 var app = builder.Build();

src/Templates/templates/SimpleIdServer.CredentialIssuer.Website.Startup/appsettings.Docker.json

@@ -10,7 +10,7 @@
   "CredentialIssuerUrl": "https://credentialissuer.simpleidserver.com",
   "DefaultSecurityOptions": {
     "Issuer": "https://openid.simpleidserver.com/master",
-    "ClientId": "SIDS-manager",
+    "ClientId": "CredentialIssuer-manager",
     "ClientSecret": "password",
     "Scope": "openid profile",
     "IgnoreCertificateError": true

src/Templates/templates/SimpleIdServer.IdServer.Startup/Areas/console/Views/Authenticate/Index.cshtml

@@ -8,6 +8,9 @@
 @{
     ViewBag.Title = AuthenticateConsoleResource.title;
     Layout = "~/Views/Shared/_AuthenticateLayout.cshtml";
+    var returnUrl = Microsoft.AspNetCore.Http.Extensions.UriHelper.GetDisplayUrl(Context.Request);
+    var realm = SimpleIdServer.IdServer.Middlewares.RealmContext.Instance()?.Realm;
+    var registationUrl = $"{(string.IsNullOrWhiteSpace(realm) ? "/" : $"/{realm}/")}Registration?redirectUrl={returnUrl}&workflowName={Model.RegistrationWorkflow?.Name}";
 }
 
 @if (!ViewData.ModelState.IsValid)
@@ -23,44 +26,13 @@
     </ul>
 }
 
-<!-- Login form -->
-@using (Html.BeginForm("Index", "Authenticate", new { area = SimpleIdServer.IdServer.Console.Constants.AMR, returnUrl = Model.ReturnUrl }, FormMethod.Post))
-{
-    @Html.AntiForgeryToken()
-    <input type="hidden" asp-for="ReturnUrl" />
-    <input type="hidden" name="Action" value="AUTHENTICATE" />
-    <!-- Login -->
-    <div class="input-group mb-3">
-        @if(Model.IsAuthInProgress)
-        {
-            <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="text" class="form-control" disabled="disabled" />
-            <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="hidden" class="form-control" />
-        }
-        else
-        {
-            <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="text" class="form-control" />
-        }
-    </div>
-    <!-- Confirmation code -->
-    <div class="input-group mb-3">
-        <input asp-for="OTPCode" placeholder="@AuthenticateConsoleResource.confirmationcode" type="password" class="form-control" />
-    </div>
-    <div>
-        <input type="checkbox" asp-for="RememberLogin " />
-        <label>@AuthenticateConsoleResource.remember_login</label>
-    </div>
-    <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
-    <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
-    <button type="submit" class="btn btn-primary">@AuthenticateConsoleResource.authenticate</button>
-}
-
 <!-- Send confirmation code -->
 <div class="mt-3">
     @if (!string.IsNullOrWhiteSpace(ViewBag.SuccessMessage))
     {
         <div class="alert alert-success">
             @AuthenticateConsoleResource.ResourceManager.GetString(ViewBag.SuccessMessage)
-            @if(Model.TOTPStep != null)
+            @if (Model.TOTPStep != null)
             {
                 @string.Format(AuthenticateConsoleResource.code_validity, Model.TOTPStep)
             }
@@ -72,8 +44,11 @@
         @Html.AntiForgeryToken()
         <input type="hidden" asp-for="ReturnUrl" />
         <input type="hidden" name="Action" value="SENDCONFIRMATIONCODE" />
+        <input asp-for="IsFirstAmr" type="hidden" class="form-control" />
+        <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
+        <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
         <div class="input-group mb-3">
-            @if(Model.IsAuthInProgress)
+            @if (Model.IsAuthInProgress)
             {
                 <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="text" class="form-control" disabled="disabled" />
                 <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="hidden" class="form-control" />
@@ -83,12 +58,44 @@
                 <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="text" class="form-control" />
             }
         </div>
-        <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
-        <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
         <button type="submit" class="btn btn-primary">@AuthenticateConsoleResource.sendconfirmationcode</button>
     }
 </div>
 
+<!-- Login form -->
+@using (Html.BeginForm("Index", "Authenticate", new { area = SimpleIdServer.IdServer.Console.Constants.AMR, returnUrl = Model.ReturnUrl }, FormMethod.Post))
+{
+    @Html.AntiForgeryToken()
+    <input type="hidden" asp-for="ReturnUrl" />
+    <input type="hidden" name="Action" value="AUTHENTICATE" />
+    <input asp-for="IsFirstAmr" type="hidden" class="form-control" />
+    <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
+    <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
+    <input asp-for="Login" placeholder="@AuthenticateConsoleResource.login" type="hidden" class="form-control" />
+    <!-- Confirmation code -->
+    <div class="input-group mb-3">
+        <input asp-for="OTPCode" placeholder="@AuthenticateConsoleResource.confirmationcode" type="password" class="form-control" />
+    </div>
+    @if(Model.IsFirstAmr)
+    {
+        <div>
+            <input type="checkbox" asp-for="RememberLogin " />
+            <label>@AuthenticateConsoleResource.remember_login</label>
+        </div>
+    }
+    <button type="submit" class="btn btn-primary">@AuthenticateConsoleResource.authenticate</button>
+}
+
+@if (Model.IsFirstAmr && Model.RegistrationWorkflow != null)
+{
+    <div>
+        <div class="divider">
+            <p class="fw-bold text">OR</p>
+        </div>
+        <a href="@registationUrl">@AuthenticatePasswordResource.register</a>
+    </div>
+}
+
 @section SubScripts {
     <script type="text/javascript">
         $(document).ready(function () {

src/Templates/templates/SimpleIdServer.IdServer.Startup/Areas/email/Views/Authenticate/Index.cshtml

@@ -8,6 +8,9 @@
 @{
     ViewBag.Title = AuthenticateEmailResource.title;
     Layout = "~/Views/Shared/_AuthenticateLayout.cshtml";
+    var returnUrl = Microsoft.AspNetCore.Http.Extensions.UriHelper.GetDisplayUrl(Context.Request);
+    var realm = SimpleIdServer.IdServer.Middlewares.RealmContext.Instance()?.Realm;
+    var registationUrl = $"{(string.IsNullOrWhiteSpace(realm) ? "/" : $"/{realm}/")}Registration?redirectUrl={returnUrl}&workflowName={Model.RegistrationWorkflow?.Name}";
 }
 
 @if (!ViewData.ModelState.IsValid)
@@ -31,37 +34,6 @@
 }
 else
 {
-    <!-- Login form -->
-    @using (Html.BeginForm("Index", "Authenticate", new { area = SimpleIdServer.IdServer.Email.Constants.AMR, returnUrl = Model.ReturnUrl }, FormMethod.Post))
-    {
-        @Html.AntiForgeryToken()
-        <input type="hidden" asp-for="ReturnUrl" />
-        <input type="hidden" name="Action" value="AUTHENTICATE" />
-        <!-- Email -->
-        <div class="input-group mb-3">
-            @if(Model.IsAuthInProgress)
-            {
-                <input asp-for="Login" placeholder="@AuthenticateEmailResource.email" type="text" class="form-control" disabled="disabled" />
-                <input asp-for="Login" placeholder="@AuthenticateEmailResource.email" type="hidden" class="form-control" />
-            }
-            else
-            {
-                <input asp-for="Login" placeholder="@AuthenticateEmailResource.email" type="text" class="form-control" />
-            }
-        </div>
-        <!-- Confirmation code -->
-        <div class="input-group mb-3">
-            <input asp-for="OTPCode" placeholder="@AuthenticateEmailResource.confirmationcode" type="password" class="form-control" />
-        </div>
-        <div>
-            <input type="checkbox" asp-for="RememberLogin " />
-            <label>@AuthenticateEmailResource.remember_login</label>
-        </div>
-        <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
-        <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
-        <button type="submit" class="btn btn-primary">@AuthenticateEmailResource.authenticate</button>
-    }
-
     <!-- Send confirmation code -->
     <div class="mt-3">
         @if (!string.IsNullOrWhiteSpace(ViewBag.SuccessMessage))
@@ -80,6 +52,9 @@ else
             @Html.AntiForgeryToken()
             <input type="hidden" asp-for="ReturnUrl" />
             <input type="hidden" name="Action" value="SENDCONFIRMATIONCODE" />
+            <input asp-for="IsFirstAmr" type="hidden" class="form-control" />
+            <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
+            <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
             <div class="input-group mb-3">
                 @if(Model.IsAuthInProgress)
                 {
@@ -91,11 +66,45 @@ else
                     <input asp-for="Login" placeholder="@AuthenticateEmailResource.email" type="text" class="form-control" />
                 }
             </div>
+            <button type="submit" class="btn btn-primary">@AuthenticateEmailResource.sendconfirmationcode</button>
+        }
+    </div>
+
+    <!-- Login form -->
+    <div class="mt-3">
+        @using (Html.BeginForm("Index", "Authenticate", new { area = SimpleIdServer.IdServer.Email.Constants.AMR, returnUrl = Model.ReturnUrl }, FormMethod.Post))
+        {
+            @Html.AntiForgeryToken()
+            <input type="hidden" asp-for="ReturnUrl" />
+            <input type="hidden" name="Action" value="AUTHENTICATE" />
+            <input asp-for="IsFirstAmr" type="hidden" class="form-control" />
             <input asp-for="IsLoginMissing" type="hidden" class="form-control" />
             <input asp-for="IsAuthInProgress" type="hidden" class="form-control" />
-            <button type="submit" class="btn btn-primary">@AuthenticateEmailResource.sendconfirmationcode</button>
+            <input asp-for="Login" placeholder="@AuthenticateEmailResource.email" type="hidden" class="form-control" />
+            <!-- Confirmation code -->
+            <div class="input-group mb-3">
+                <input asp-for="OTPCode" placeholder="@AuthenticateEmailResource.confirmationcode" type="password" class="form-control" />
+            </div>
+            @if(Model.IsFirstAmr)
+            {
+                <div>
+                    <input type="checkbox" asp-for="RememberLogin " />
+                    <label>@AuthenticateEmailResource.remember_login</label>
+                </div>
+            }
+            <button type="submit" class="btn btn-primary">@AuthenticateEmailResource.authenticate</button>
         }
     </div>
+
+    @if (Model.IsFirstAmr && Model.RegistrationWorkflow != null)
+    {
+        <div>
+            <div class="divider">
+                <p class="fw-bold text">OR</p>
+            </div>
+            <a href="@registationUrl">@AuthenticatePasswordResource.register</a>
+        </div>
+    }
 }
 
 @section SubScripts {