- Added detailed sections for Organization, Group, Access Request, Access Review, and Audit & Compliance aggregates in both English and Vietnamese.
- Included class diagrams and enumerations to enhance understanding of the new structures and their relationships.
- Updated the AuditEventType table to reflect 18 event types, improving clarity on event handling within the IAM Service.
- Added detailed sections for new API endpoints in both English and Vietnamese, covering functionalities for managing organizations, groups, access requests, access reviews, privileged access, audit logs, and compliance reports.
- Enhanced documentation clarity and accessibility, reflecting the latest features introduced in the IAM Service.
- Added Access Requests, Access Reviews, Privileged Access Management, Audit Log, and Compliance APIs to enhance access management and governance capabilities.
- Updated the DbContext to include new entities for AuditLog and ComplianceReport, improving data handling for compliance and auditing.
- Enhanced Dependency Injection to support new repositories for the added functionalities, streamlining service operations.
- Introduced new AccessReview and PrivilegedAccess entities in the DbContext to enhance access management capabilities.
- Updated Dependency Injection to include AccessReviewRepository and PrivilegedAccessRepository, improving service functionality for access reviews and privileged access management.
- Introduced new Access Request and Access Request Approver entities in the DbContext to support access management features.
- Updated Dependency Injection to include the AccessRequestRepository, enhancing the service's capabilities for handling access requests.
- Added example curl command for token retrieval using the test account, improving developer experience for testing authentication flows.
- Added new sections for Organization & Group APIs, User Profile APIs, and Identity Verification APIs in both English and Vietnamese documentation, reflecting the features introduced in Phase 2.
- Revised the implementation roadmap to indicate the completion of Identity Management features, enhancing clarity on the current capabilities of the IAM Service.
- Updated the Dependency Injection and DbContext to include new repositories and database tables for the added functionalities.
- Added a fixed issuer URI for inter-service communication in the docker-compose.yml and appsettings.json.
- Updated DependencyInjection to utilize the new issuer URI, ensuring consistency across hosts and containers.
- Added curl installation in the IAM service Dockerfile for improved functionality.
- Removed the deprecated docker-compose.yml for the Storage Service, consolidating service definitions.
- Ensured consistency in the build and publish commands for the Storage Service Dockerfile.
- Updated the UsersController to ensure that the Email field defaults to an empty string if null, and the Status field defaults to "Unknown" if not set. This improves the robustness of the user data returned in API responses.
- Changed authorization schemes in AuthController, RolesController, and UsersController from JwtBearerDefaults.AuthenticationScheme to "Bearer" for uniformity across the application.
- Added new endpoints in UsersController to retrieve user roles and permissions by user ID, enhancing user management capabilities.
- Added IAM service configuration to the local docker-compose.yml for streamlined deployment.
- Removed the separate docker-compose.yml file from the IAM service directory to consolidate service definitions.
- Added phone number field to the registration example in the API documentation.
- Included detailed response structure for registration and email verification endpoints.
- Updated email confirmation example to use email instead of userId for clarity.
- Enhanced two-factor authentication response to include manual entry key and recovery codes.
- Updated recovery code generation to use 12 bytes for base64 conversion, ensuring sufficient characters.
- Implemented fallback padding to guarantee a minimum length of 8 characters for generated codes.
- Adjusted formatting to maintain readability with XXXX-XXXX structure.
- Changed SMTP configuration to use specific credentials and sender details for the GoodGo IAM service.
- Updated sender email and name to reflect the new service branding.
- Modified logging levels in `appsettings.Development.json` to enhance log visibility.
- Added Serilog configuration for structured logging and console output.
- Updated Redis connection settings for improved security and performance.
- Introduced email configuration settings for SMTP integration.
- Added two-factor authentication settings and social login configurations for Google and Facebook.
- Updated the default connection string in `appsettings.json` to match the new database setup.
- Deleted the `Login` method and associated `LoginRequest` and `LoginResponse` models from `AuthController.cs` to streamline authentication processes.
- This change simplifies the codebase by removing unused components related to the Resource Owner Password Grant flow.
- Added JWT Bearer authentication configuration in `Program.cs` for IAM service integration.
- Updated Swagger setup to include JWT Bearer security definition and requirements.
- Introduced a new Swagger UI client for testing with resource owner password grant type in `Config.cs`.
- Included necessary package reference for `Microsoft.AspNetCore.Authentication.JwtBearer` in the project file.
- Modified local `.env` and `.env.local` files to include external Redis configuration and IAM service database connection details.
- Updated `docker-compose.yml` to disable local Redis service in favor of an external Redis instance.
- Added JWT configuration parameters for the IAM service, enhancing security and token management.
- Revised example environment file to reflect new configuration options for external services.
- Enhanced documentation to clarify setup instructions for local development with external dependencies.
- Added endpoints for sending and confirming email verification, enhancing user account security.
- Integrated two-factor authentication (2FA) with TOTP support, including enabling, verifying, and disabling 2FA.
- Implemented social login functionality for Google and Facebook, allowing users to authenticate using their existing accounts.
- Updated dependency injection to include services for email, 2FA, and social login.
- Enhanced documentation to reflect new features and usage examples for email verification and 2FA.
- Revised architecture documentation to replace OpenIddict references with Duende IdentityServer, including updates to diagrams and flow descriptions.
- Updated README files in both English and Vietnamese to reflect the change in the OAuth2/OIDC server from OpenIddict to Duende IdentityServer.
- Enhanced token management and authentication flow descriptions to align with the new identity server implementation.
- Replaced JwtSecurityToken with JsonWebToken in DependencyInjection.cs to align with ASP.NET Core 8+ requirements.
- Enhanced CustomWebApplicationFactory to configure minimal JWT validation and custom authentication handling for functional tests.
- Removed outdated tests that relied on InMemory Database limitations, ensuring a cleaner test suite.
- Updated RegisterUserCommandHandlerTests to throw DuplicateResourceException for better error handling.
- Replaced OpenIddict references with Duende IdentityServer in the project, including updates to the API project and infrastructure.
- Refactored authentication and authorization logic in AuthController, LogoutCommandHandler, and related services to align with Duende IdentityServer's structure.
- Updated dependency injection configuration to register Duende IdentityServer components and JWT Bearer authentication.
- Enhanced functional tests to accommodate changes in authentication flow and ensure compatibility with the new identity server.
- Removed obsolete OpenIddict components and related code to streamline the project.
- Added custom exceptions: DuplicateResourceException, EntityNotFoundException, AuthenticationFailedException, and BusinessRuleException to improve error handling in the application.
- Updated Program.cs to map these exceptions to appropriate HTTP status codes and problem details for better client feedback.
- Refactored RegisterUserCommandHandler to throw DuplicateResourceException when a user with the same email already exists.
- Enhanced testing setup in CustomWebApplicationFactory to ensure proper handling of these exceptions during functional tests.
- Updated DependencyInjection.cs to conditionally register DbContext based on the environment, skipping registration in the Testing environment.
- Improved CustomWebApplicationFactory to remove existing DbContext and Redis registrations, ensuring a clean setup for tests.
- Added methods to streamline the removal of DbContext and Redis service registrations.
- Updated functional tests to include better logging and error handling for unexpected responses.
- Bumped Microsoft.EntityFrameworkCore.InMemory package version to 10.0.1 for compatibility.
- Removed obsolete SamplesControllerTests file to clean up the test suite.
- Reorganized the Program.cs file to streamline service configuration, including Serilog setup, API versioning, and health checks.
- Added logging configuration to set a minimum logging level for tests, reducing output noise.
- Enhanced Swagger integration with detailed API documentation and OAuth2 security definitions.
- Implemented ProblemDetails middleware for better error handling and added support for health check endpoints.
- Updated AddInfrastructure method to accept an environment name parameter for conditional Redis caching configuration.
- Implemented logic to skip Redis caching setup in the Testing environment.
- Added InMemoryCacheService for testing purposes, providing a mock implementation of ICacheService.
- Enhanced TransactionBehavior to skip transactions for InMemory databases.
- Updated functional tests to remove Redis-related services and ensure proper database setup for testing.
- Added detailed sections on distributed caching architecture, including caching overview, ICacheService interface, and caching strategies for tokens and sessions.
- Enhanced documentation with mermaid diagrams to illustrate caching flows and key patterns.
- Updated Redis configuration instructions in the README, including environment variable setup and usage examples for caching operations.
- Removed outdated notes from the NOTE.MD file to streamline content and focus on relevant tasks and proposals.
- Added Redis caching support to the IAM service, including configuration settings in `appsettings.json` and environment variables.
- Introduced `ICacheService` interface for caching operations and implemented `RedisCacheService`.
- Updated documentation to include Redis setup instructions and usage examples for caching user data and token management.
- Enhanced user account management by adding an `Activate` method to the `ApplicationUser` class.
- Fixed assertions in unit tests to reflect the updated user status after activation.
- Added debug middleware for /connect/* endpoints to log request and response details for better troubleshooting.
- Updated OAuth2 configuration to include "offline_access" scope and disabled access token encryption for development.
- Improved DbContext registration in tests by removing all related registrations and ensuring in-memory database setup for testing purposes.
- Addressed issues with the /connect/token endpoint not responding, outlining next steps for debugging and fixing the OpenIddict configuration.
- Introduced comprehensive sections on database migrations in the README files for English and Vietnamese documentation, including prerequisites, migration creation, and application steps.
- Added instructions for setting up the Neon database, including connection string configuration in `appsettings.Development.json`.
- Updated the `appsettings.Development.json` file with a default connection string for the Neon database and added Redis configuration.
- Included additional EF Core commands for managing migrations in the Vietnamese documentation.
- Updated README and architecture documentation to reflect the new authentication flow, including user registration, login, token management, and logout processes.
- Enhanced API documentation with detailed examples for each step of the authentication process, including curl commands and expected responses.
- Improved clarity in the architecture diagrams, outlining the interaction between clients, API, application, and infrastructure layers.
- Added sections on OAuth2 grant types and user management functionalities to provide comprehensive guidance for developers.
- Streamlined Vietnamese documentation to ensure consistency with English updates and improve accessibility for users.
- Updated API documentation to include new user management features such as password change and logout functionalities.
- Added detailed descriptions and examples for OAuth2 token endpoint, supporting password, refresh token, and client credentials grants.
- Introduced new endpoints for user management, including retrieving, updating, and deleting users.
- Enhanced Swagger annotations for better clarity and usability of the API documentation.
- Implemented response models for password change and logout operations to standardize API responses.
- Changed the application URL from http://localhost:5000 to http://localhost:5001 to align with updated service configurations.
- This adjustment ensures proper routing during local development.
- Enabled XML documentation generation for improved API documentation.
- Updated API descriptions and added detailed endpoint information for better clarity.
- Introduced Swagger annotations for authentication and user management endpoints.
- Enhanced response types and added pagination information in user-related responses.
- Included contact and license information in the API metadata for better transparency.
- Added new sections on API Design, Caching Patterns, and Testing Patterns to the Vietnamese documentation.
- Updated sidebar configurations for improved navigation and accessibility.
- Removed outdated onboarding guides to streamline content and focus on relevant resources.
