SAP · Phil91 · Jul 17, 2024 · Jul 2, 2024 · Jul 17, 2024
diff --git a/consortia/argocd-app-templates/appsetup-dev.yaml b/consortia/argocd-app-templates/appsetup-dev.yaml
@@ -28,7 +28,7 @@ spec:
     server: 'https://kubernetes.default.svc'
   source:
     path: charts/dim
-    repoURL: 'https://github.com/sap/dim-client.git'
+    repoURL: 'https://github.com/sap/ssi-dim-middle-layer.git'
     targetRevision: main
     plugin:
       env:

diff --git a/consortia/argocd-app-templates/appsetup-int.yaml b/consortia/argocd-app-templates/appsetup-int.yaml
@@ -28,8 +28,8 @@ spec:
     server: 'https://kubernetes.default.svc'
   source:
     path: charts/dim
-    repoURL: 'https://github.com/sap/dim-client.git'
-    targetRevision: dim-1.1.0
+    repoURL: 'https://github.com/sap/ssi-dim-middle-layer.git'
+    targetRevision: dim-1.0.0
     plugin:
       env:
         - name: AVP_SECRET

diff --git a/consortia/argocd-app-templates/appsetup-rc.yaml b/consortia/argocd-app-templates/appsetup-rc.yaml
@@ -0,0 +1,42 @@
+###############################################################
+# Copyright (c) 2024 BMW Group AG
+# Copyright 2024 SAP SE or an SAP affiliate company and ssi-dim-middle-layer contributors.
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: dim
+spec:
+  destination:
+    namespace: product-iam
+    server: 'https://kubernetes.default.svc'
+  source:
+    path: charts/dim
+    repoURL: 'https://github.com/sap/ssi-dim-middle-layer.git'
+    targetRevision: main
+    plugin:
+      env:
+        - name: AVP_SECRET
+          value: vault-secret
+        - name: helm_args
+          value: '-f values.yaml -f ../../consortia/environments/values-rc.yaml'
+  project: project-portal
+  syncPolicy:
+    automated:
+      prune: true
diff --git a/consortia/environments/values-dev.yaml b/consortia/environments/values-dev.yaml
@@ -43,7 +43,7 @@ dim:
     tag: "main"
   imagePullPolicy: "Always"
   swaggerEnabled: true
-  rootDirectoryId: "27fee02a-e265-4cfc-af70-4f217a33840b"
+  rootDirectoryId: "ee464a81-fca4-431d-8315-5db5e49b4c3c"
   operatorId: "27fee02a-e265-4cfc-af70-4f217a33840b"
 
 migrations:
@@ -63,7 +63,7 @@ processesworker:
     adminMail: "[email protected]"
     clientIdCisCentral: "<path:portal/data/dim/dev/dim#cisClientId>"
     clientSecretCisCentral: "<path:portal/data/dim/dev/dim#cisClientSecret>"
-    authUrl: "https://catena-x-int-dim.authentication.eu10.hana.ondemand.com"
+    authUrl: "https://catena-x-dev-dim.authentication.eu10.hana.ondemand.com"
   subaccount:
     # -- Url to the subaccount service api
     baseUrl: "https://accounts-service.cfapps.eu10.hana.ondemand.com"

diff --git a/consortia/environments/values-rc.yaml b/consortia/environments/values-rc.yaml
@@ -0,0 +1,105 @@
+###############################################################
+# Copyright (c) 2024 BMW Group AG
+# Copyright 2024 SAP SE or an SAP affiliate company and ssi-dim-middle-layer contributors.
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+ingress:
+  enabled: true
+  className: "nginx"
+  annotations:
+    nginx.ingress.kubernetes.io/use-regex: "true"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: "8m"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "http://localhost:3000, https://*.dev.demo.catena-x.net"
+  tls:
+    - secretName: "tls-secret"
+      hosts:
+        - "dim-rc.dev.demo.catena-x.net"
+  hosts:
+    - host: "dim-rc.dev.demo.catena-x.net"
+      paths:
+        - path: "/api/dim"
+          pathType: "Prefix"
+          backend:
+            port: 8080
+
+dim:
+  image:
+    tag: "main"
+  imagePullPolicy: "Always"
+  swaggerEnabled: true
+  rootDirectoryId: "ee464a81-fca4-431d-8315-5db5e49b4c3c"
+  operatorId: "27fee02a-e265-4cfc-af70-4f217a33840b"
+
+migrations:
+  image:
+    tag: "main"
+  imagePullPolicy: "Always"
+  logging:
+    default: "Debug"
+
+processesworker:
+  image:
+    tag: "main"
+  imagePullPolicy: "Always"
+  logging:
+    default: "Debug"
+  dim:
+    adminMail: "[email protected]"
+    clientIdCisCentral: "<path:portal/data/dim/dev/dim#cisClientId>"
+    clientSecretCisCentral: "<path:portal/data/dim/dev/dim#cisClientSecret>"
+    authUrl: "https://catena-x-dev-dim.authentication.eu10.hana.ondemand.com"
+  subaccount:
+    # -- Url to the subaccount service api
+    baseUrl: "https://accounts-service.cfapps.eu10.hana.ondemand.com"
+  entitlement:
+    # -- Url to the entitlement service api
+    baseUrl: "https://entitlements-service.cfapps.eu10.hana.ondemand.com"
+  cf:
+    clientId: "<path:portal/data/dim/dev/cf#clientId>"
+    clientSecret: "<path:portal/data/dim/dev/cf#clientSecret>"
+    tokenAddress: "https://login.cf.eu10.hana.ondemand.com/oauth/token"
+    # -- Url to the cf service api
+    baseUrl: "https://api.cf.eu10.hana.ondemand.com"
+    grantType: "client_credentials"
+  callback:
+    scope: "openid"
+    grantType: "client_credentials"
+    # -- Provide client-id for callback.
+    clientId: "<path:portal/data/dim/callback#clientId>"
+    # -- Client-secret for callback client-id. Secret-key 'callback-client-secret'.
+    clientSecret: "<path:portal/data/dim/dev/callback#clientSecret>"
+    tokenAddress: "http://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"
+    # -- Url to the cf service api
+    baseAddress: "https://portal-backend-rc.dev.demo.catena-x.net"
+  technicalUserCreation:
+    encryptionConfigs:
+      index0:
+        encryptionKey: "<<path:portal/data/dim/dev/technicaluser#technicalusercreation-encryption-key0>"
+
+idp:
+  address: "https://centralidp-rc.dev.demo.catena-x.net"
+  jwtBearerOptions:
+    tokenValidationParameters:
+      validAudience: "DIM-Middle-Layer"
+
+postgresql:
+  auth:
+    postgrespassword: "<path:portal/data/dim/dev/postgres#postgres-password>"
+    password: "<path:portal/data/dim/dev/postgres#password>"
+    replicationPassword: "<path:portal/data/dim/dev/postgres#replication-password>"
diff --git a/src/clients/Dim.Clients/Api/Cf/CfClient.cs b/src/clients/Dim.Clients/Api/Cf/CfClient.cs
@@ -79,8 +79,8 @@ private static async Task<Guid> GetEnvironmentId(string tenantName, Cancellation
             .ReadFromJsonAsync<GetEnvironmentsResponse>(JsonSerializerExtensions.Options, cancellationToken)
             .ConfigureAwait(false);
 
-        var tenantEnvironment = environments.Resources.Where(x => x.Name == tenantName);
-        if (tenantEnvironment.Count() > 1)
+        var tenantEnvironment = environments?.Resources.Where(x => x.Name == tenantName);
+        if (tenantEnvironment == null || tenantEnvironment.Count() > 1)
         {
             throw new ConflictException($"There should only be one cf environment for tenant {tenantName}");
         }
@@ -277,4 +277,11 @@ public async Task<ServiceCredentialBindingDetailResponse> GetServiceBindingDetai
             throw new ServiceException(je.Message);
         }
     }
+
+    public async Task DeleteServiceInstanceBindings(Guid serviceBindingId, CancellationToken cancellationToken)
+    {
+        var client = await _basicAuthTokenService.GetBasicAuthorizedLegacyClient<CfClient>(_settings, cancellationToken).ConfigureAwait(false);
+        await client.DeleteAsync($"/v3/service_credential_bindings/{serviceBindingId}", cancellationToken)
+            .CatchingIntoServiceExceptionFor("delete-si-bindings", HttpAsyncResponseMessageExtension.RecoverOptions.ALLWAYS);
+    }
 }
diff --git a/src/clients/Dim.Clients/Api/Cf/ICfClient.cs b/src/clients/Dim.Clients/Api/Cf/ICfClient.cs
@@ -30,4 +30,5 @@ public interface ICfClient
     Task CreateServiceInstanceBindings(string tenantName, string? keyName, Guid spaceId, CancellationToken cancellationToken);
     Task<Guid> GetServiceBinding(string tenantName, Guid spaceId, string bindingName, CancellationToken cancellationToken);
     Task<ServiceCredentialBindingDetailResponse> GetServiceBindingDetails(Guid id, CancellationToken cancellationToken);
+    Task DeleteServiceInstanceBindings(Guid serviceBindingId, CancellationToken cancellationToken);
 }
diff --git a/src/clients/Dim.Clients/Dim.Clients.csproj b/src/clients/Dim.Clients/Dim.Clients.csproj
@@ -36,9 +36,9 @@
       <PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.0" />
       <PackageReference Include="Microsoft.Extensions.Options" Version="8.0.2" />
       <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="8.0.0" />
-      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.DependencyInjection" Version="2.0.0" />
-      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling" Version="2.0.0" />
-      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.HttpClientExtensions" Version="2.0.0" />
+      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.DependencyInjection" Version="2.3.0" />
+      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling" Version="2.3.0" />
+      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.HttpClientExtensions" Version="2.3.0" />
     </ItemGroup>
 
 </Project>
diff --git a/src/database/Dim.DbAccess/Dim.DbAccess.csproj b/src/database/Dim.DbAccess/Dim.DbAccess.csproj
@@ -30,8 +30,8 @@
 
     <ItemGroup>
       <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks.EntityFrameworkCore" Version="8.0.3" />
-      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.DependencyInjection" Version="2.0.0" />
-      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling" Version="2.0.0" />
+      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.DependencyInjection" Version="2.3.0" />
+      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling" Version="2.3.0" />
     </ItemGroup>
 
     <ItemGroup>

diff --git a/src/database/Dim.DbAccess/Repositories/ITenantRepository.cs b/src/database/Dim.DbAccess/Repositories/ITenantRepository.cs
@@ -43,4 +43,7 @@ public interface ITenantRepository
     Task<(Guid? spaceId, string technicalUserName)> GetSpaceIdAndTechnicalUserName(Guid technicalUserId);
     Task<(Guid ExternalId, string? TokenAddress, string? ClientId, byte[]? ClientSecret, byte[]? InitializationVector, int? EncryptionMode)> GetTechnicalUserCallbackData(Guid technicalUserId);
     Task<(Guid? DimInstanceId, Guid? CompanyId)> GetDimInstanceIdAndDid(Guid tenantId);
+    Task<(bool Exists, Guid TechnicalUserId, Guid ProcessId)> GetTechnicalUserForBpn(string bpn, string technicalUserName);
+    Task<Guid> GetExternalIdForTechnicalUser(Guid technicalUserId);
+    void RemoveTechnicalUser(Guid technicalUserId);
 }
diff --git a/src/database/Dim.DbAccess/Repositories/TenantRepository.cs b/src/database/Dim.DbAccess/Repositories/TenantRepository.cs
@@ -145,4 +145,20 @@ public void AttachAndModifyTechnicalUser(Guid technicalUserId, Action<TechnicalU
             .Where(x => x.Id == tenantId)
             .Select(x => new ValueTuple<Guid?, Guid?>(x.DimInstanceId, x.CompanyId))
             .SingleOrDefaultAsync();
+
+    public Task<(bool Exists, Guid TechnicalUserId, Guid ProcessId)> GetTechnicalUserForBpn(string bpn, string technicalUserName) =>
+        context.TechnicalUsers
+            .Where(x => x.TechnicalUserName == technicalUserName && x.Tenant!.Bpn == bpn)
+            .Select(x => new ValueTuple<bool, Guid, Guid>(true, x.Id, x.ProcessId))
+            .SingleOrDefaultAsync();
+
+    public Task<Guid> GetExternalIdForTechnicalUser(Guid technicalUserId) =>
+        context.TechnicalUsers
+            .Where(x => x.Id == technicalUserId)
+            .Select(x => x.ExternalId)
+            .SingleOrDefaultAsync();
+
+    public void RemoveTechnicalUser(Guid technicalUserId) =>
+        context.TechnicalUsers
+            .Remove(new TechnicalUser(technicalUserId, default, default, null!, default));
 }
diff --git a/src/database/Dim.Entities/Dim.Entities.csproj b/src/database/Dim.Entities/Dim.Entities.csproj
@@ -34,6 +34,6 @@
         <PrivateAssets>all</PrivateAssets>
       </PackageReference>
       <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.4" />
-      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.DBAccess" Version="2.0.0" />
+      <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.DBAccess" Version="2.3.0" />
     </ItemGroup>
 </Project>
diff --git a/src/database/Dim.Entities/Enums/ProcessStepTypeId.cs b/src/database/Dim.Entities/Enums/ProcessStepTypeId.cs
@@ -45,5 +45,9 @@ public enum ProcessStepTypeId
     // Create Technical User
     CREATE_TECHNICAL_USER = 100,
     GET_TECHNICAL_USER_DATA = 101,
-    SEND_TECHNICAL_USER_CALLBACK = 102,
+    SEND_TECHNICAL_USER_CREATION_CALLBACK = 102,
+
+    // Delete Technical User
+    DELETE_TECHNICAL_USER = 200,
+    SEND_TECHNICAL_USER_DELETION_CALLBACK = 201
 }
diff --git a/src/database/Dim.Entities/Enums/ProcessTypeId.cs b/src/database/Dim.Entities/Enums/ProcessTypeId.cs
@@ -23,5 +23,5 @@ namespace Dim.Entities.Enums;
 public enum ProcessTypeId
 {
     SETUP_DIM = 1,
-    CREATE_TECHNICAL_USER = 2
+    TECHNICAL_USER = 2,
 }
diff --git a/src/database/Dim.Migrations/Dim.Migrations.csproj b/src/database/Dim.Migrations/Dim.Migrations.csproj
@@ -45,9 +45,9 @@
     <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="8.0.0" />
     <PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.0" />
     <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
-    <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.Models" Version="2.0.0" />
-    <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.Logging" Version="2.0.0" />
-    <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.Seeding" Version="2.0.0" />
+    <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.Models" Version="2.3.0" />
+    <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.Logging" Version="2.3.0" />
+    <PackageReference Include="Org.Eclipse.TractusX.Portal.Backend.Framework.Seeding" Version="2.3.0" />
   </ItemGroup>
 
   <ItemGroup>