diff --git a/.github/workflows/pullRequest-lint.yaml b/.github/workflows/pullRequest-lint.yaml
new file mode 100644
index 000000000..e2c4fceb4
--- /dev/null
+++ b/.github/workflows/pullRequest-lint.yaml
@@ -0,0 +1,61 @@
+# #############################################################################
+# Copyright (c) 2023 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# #############################################################################
+
+name: "Lint PullRequest"
+
+on:
+ pull_request_target:
+ types:
+ - opened
+ - edited
+ - synchronize
+
+jobs:
+ main:
+ name: Validate PR title
+ runs-on: ubuntu-latest
+ steps:
+ - uses: amannn/action-semantic-pull-request@v5
+ id: lint_pr_title
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - uses: marocchino/sticky-pull-request-comment@v2
+ # When the previous steps fail, the workflow would stop. By adding this
+ # condition you can continue the execution with the populated error message.
+ if: always() && (steps.lint_pr_title.outputs.error_message != null)
+ with:
+ header: pr-title-lint-error
+ message: |
+ Hey there and thank you for opening this pull request! 👋🏼
+
+ We require pull request titles to follow the [Conventional Commits specification](https://www.conventionalcommits.org/en/v1.0.0/) and it looks like your proposed title needs to be adjusted.
+
+ Details:
+
+ ```
+ ${{ steps.lint_pr_title.outputs.error_message }}
+ ```
+
+ # Delete a previous comment when the issue has been resolved
+ - if: ${{ steps.lint_pr_title.outputs.error_message == null }}
+ uses: marocchino/sticky-pull-request-comment@v2
+ with:
+ header: pr-title-lint-error
+ delete: true
diff --git a/.gitignore b/.gitignore
index 8800349bb..86392e509 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,10 @@
**/.DS_Store
node_modules
-public/documentation/js/lib
\ No newline at end of file
+public/documentation/js/lib
+
+# Add legal info files during build
+
+public/assets/notice/LICENSE
+public/assets/notice/DEPENDENCIES
+public/assets/notice/NOTICE.md
+public/assets/notice/SECURITY.md
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 11b4b3f4e..88d250dc9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,103 +2,72 @@
New features, fixed bugs, known defects and other noteworthy changes to each release of the Catena-X Portal Assets.
-## 1.7.0-RC4
+## 1.7.0
### Change
+- Portal Version Upgrade
+ - updated documentation for fixes, changes and news
+ - added information about PostgresSQL upgrade and recommended upgrade approach
+ - added table of content
+- Technical Documentation
+ - updated documentation for application monitoring options
+ - updated documentation about application auditing
+- Technical User documentation
+ - enhanced developer documentation of technical user deletion function
+ - added technical user credential reset documentation/flow
+ - dev documentation of new added technical user filters
+- Credential Management
+ - updated end user documentation of allowed file types and size for VC request flow
+ - added new endpoint in developer documentation regarding requestable credentials
+ - added end user FAQ
+- Technical User Role Definition
+ - removed 'Connector User' and 'App Tech User'
+ - updated 'Service Management' to 'Offer Management'
+ - added 'Semantic Model Management', 'Dataspace Discovery', 'CX Membership Info'
+ - updated permission assignment (R&R matrix documentation & portal upgrade script provided for portal db)
+- Legal information for distributions [TRG 7.05](https://eclipse-tractusx.github.io/docs/release/trg-7/trg-7-05/)
+ - added legal info at build
+- updated static template guidelines
+- enhanced/updated content for app provider introduction page
+- added onboarding service provider introduction page
+- added list of standard technical user needed to run the portal application integration with core applications
+- updated identity provider connection documentation (developer & end user) for new flow
+- enhanced subscription management board (service provider) documentation (developer & end user)
+- updated app change process (roles, tenant url, etc.) for developers and end users
+- interface contract documentation for 'Clearinghouse' updated with new architecture images and additional details of relevant authentication users and used endpoints
+- traceability use case page images and text sections updated for release 23.12
+- useCase content file updated
+- images linked for traceability useCase exchanged
- added documentation for service account sync
-- added table of content to version upgrade
- added documentation for app change documents
- added license notice and image licenses
- added notice to md files in docs and developers directory
- added check for license info headers, footers and files in pr-template
-- added data-flow diagram
+- added security assessment documentation and removed data-flow diagram (integrated in security assessment)
- moved iam specific documentation to portal-iam repository
- updated documentation for bulk user creation
- updated bpdm interface contract
+- updated offer authentication flow
- fixed typos
-### Technical Support
-
-- Trivy scan: changed to no failure on high findings, as it should only fail if there is an error/misconfiguration
-
-## 1.7.0-RC3
-
-### Change
-
-- useCase content file updated
-- images linked for traceability useCase exchanged
-- portal database upgrade documentation updated
-
### Feature
-n/a
-
-### Bugfix
-
-n/a
-
-## 1.7.0-RC2
-
-### Change
-
-- identity provider connection documentation (developer & end user); new flow released
-- subscription management board (service provider) documentation enhanced (developer & end user)
-- updated technical user role definition
- - removal of 'Connector User', 'App Tech User'
- - updated 'Service Management' to 'Offer Management'
- - added 'Semantic Model Management', 'Dataspace Discovery', 'CX Membership Info'
- - permission assignment updated (R&R Matrix documentation & portal upgrade script provided for portal db and
-- Interface contract documentation for 'Clearinghouse' updated with new architecture images and additional details of relevant authentication users and used endpoints
-- traceability use case page images and text sections updated for release 23.12
-
-### Feature
-
-n/a
-
-### Technical Support
-
-- Portal db - technical user upgrade script provided which need to get executed for upgrade from 1.6.0 to 1.7.0 RC
-- Keycloak db - technical user upgrade script provided which need to get executed for upgrade from 1.6.0 to 1.7.0 RC
-- Added linter rules and prettify gitHub actions for asset repo and fixed findings
+- Service Change Process
+ - released documentation of 'Service Deactivation'
### Bugfix
-- md file linkage
-
-## 1.7.0-RC1
-
-### Change
-
-- Updates static template guidelines
-- Enhanced/updated content for app provider introduction page
-- Added onboarding service provider introduction page
-- Technical Documentation: updated documentation for application monitoring options
-- Technical Documentation: updated documentation about application auditing
-- Technical User documentation
- - enhanced developer docu of technical user deletion function
- - added technical user credential reset documentation/flow
- - dev documentation of new added technical user filters
-- Added list of standard technical user needed to run the portal application integration with core applications
-- Updated app change process (roles, tenant url, etc.) for developers and end users
-- Credential Management
- - updated end user docu of allowed file types and size for VC request flow
- - added new endpoint in developer documentation regarding requestable credentials
- - added end user FAQ
-
-### Feature
-
-- Service Change Process
- - released docu of 'Service Deactivation'
+- updated background color used in static page last section
+- fixed links in md files
### Technical Support
-- Dependencies upgraded
-- Moved couple of images from gitHub md files to docs/static image folder/directory
-
-### Bugfix
-
-- Updated background color used in static page last section
+- upgraded dependencies
+- moved some images referenced in md file from GitHub to docs/static directory
+- added linter rules and prettify gitHub actions for asset repo and fixed findings
+- Trivy scan: changed to no failure on high findings, as it should only fail if there is an error/misconfiguration
+- added pull request linting
## 1.6.1
diff --git a/developer/Technical Documentation/Architecture/Data-Flow.md b/developer/Technical Documentation/Architecture/Data-Flow.md
deleted file mode 100644
index 8be269f58..000000000
--- a/developer/Technical Documentation/Architecture/Data-Flow.md
+++ /dev/null
@@ -1,121 +0,0 @@
-# Data Flow Diagram
-
-```mermaid
-flowchart LR
-
- RF("Registration")
- PF("Portal")
-
- RS(Registration service)
- AS(Administration service)
- MAS(Marketplace apps service)
- MSS(Marketplace services service)
- NS(Notification service)
-
- CU-Own(Company user)
-
- NC1("Potential new company (admin)")
- CU-Shared1(Company user)
-
- NC2("Potential new company (admin)")
- CU-Shared2(Company user)
-
- NC3("Potential new company (admin)")
- CU-Shared3(Company user)
-
- K("Keycloak (REST API)")
-
- BPDM(Business Partner Data Management)
- SDT(Semantic Hub)
- SDF("SD Factory \n (Self Description)")
- MIW(Managed Identity Wallets)
-
- CH(Gaia-X Clearing House)
- OSP("Onboarding Service Provider \n (Owns infrastructure \n e.g. IAM, portal and registration app, \n other core services) ")
-
- subgraph Portal
- subgraph Frontend
- RF
- PF
- end
- subgraph Backend
- RS
- AS
- MAS
- MSS
- NS
- end
- PDB[(Portal DB \n Postgres \n EF Core for mapping \n objects to SQL)]
- end
- subgraph operator[Operator IdP]
- subgraph centralidp[centralidp Keycloak]
- K
- end
- subgraph sharedidp[sharedidp Keycloak]
- subgraph companyrealm1[Company realm]
- NC1
- CU-Shared1
- end
- subgraph companyrealm2[Company realm]
- NC2
- CU-Shared2
- end
- subgraph companyrealm3[Company realm]
- NC3
- CU-Shared3
- end
- end
- end
- subgraph ownIdP
- CU-Own
- end
- subgraph cross[Catena-X Cross functions]
- BPDM
- SDT
- SDF
- MIW
- OSP
- end
- subgraph ext["External Services (3rd party)"]
- CH
- end
-
- RS <-->|Company data \n user role data \n T&C / consent agreements| RF
- RS <--> K
- RS -->|Company data \n user role data \n T&C consent agreements| PDB
-
- AS --> K
- AS <--> PF
- AS -->|"User data \n (real and technical company data)"| PDB
- AS ---|Data related to \n self description| SDF
- AS -->|"Create MIW-tenant \n update MIW-tenant (BPN-VC, Member-VC) \n update MIW-framework-VC \n update dismantler-VC \n data: BPN, Auth, Contract, Version"| MIW
- AS <-->|Company data \n signed self description| CH
- AS <-->|OSP registers its customer \n Company Data \n Admin User Record| OSP
-
- NS --> PDB & PF & K
-
- BPDM -->|"Company data (e.g. name, etc.)"| RF
- BPDM -->|"Company data (e.g. BPN)"| AS
-
- MAS -->|Company app subscription data \n app service data + user preferences| PDB
- MAS <--> K & PF
-
- MSS <--> PF & K
- MSS -->|Company app subscription data \n app service data + user preferences| PDB
-
- SDF <--> CH
-
- SDT -->|Product meta data| PF
-
- NC1 & CU-Shared1 & NC2 & CU-Shared2 & NC3 & CU-Shared3 & CU-Own --> |OIDC| K
-
- K <--> |"Authentication/authorization data (using JWT)"| RF & PF
-```
-
-## NOTICE
-
-This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
-
-- SPDX-License-Identifier: Apache-2.0
-- SPDX-FileCopyrightText: 2021-2023 Contributors to the Eclipse Foundation
-- Source URL: https://github.com/eclipse-tractusx/portal-assets
diff --git a/developer/Technical Documentation/Architecture/Security-Assessment.md b/developer/Technical Documentation/Architecture/Security-Assessment.md
index ceda94806..b3426b580 100644
--- a/developer/Technical Documentation/Architecture/Security-Assessment.md
+++ b/developer/Technical Documentation/Architecture/Security-Assessment.md
@@ -1,4 +1,35 @@
-# Security Assessment
+# Security Assessment Portal (incl. Frontend, Backend Services, IAM and other infrastructure)
+
+| | |
+| ------------------------- | ---------------------------------------------------------------------------------------------- |
+| Contact for product | [@evegufy](https://github.com/evegufy)
[@jjeroch](https://github.com/jjeroch) |
+| Security responsible | [@SSIRKC](https://github.com/SSIRKC)
[Szymon Kowalczyk](szymon.kowalczyk.external@zf.com) |
+| Version number of product | 23.12 |
+| Dates of assessment | 2023-11-14: Re-Assessment |
+| Status of assessment | RE-ASSESSMENT DRAFT |
+
+## Product Description
+
+The Catena-X Portal and Marketplace is the heart of Catena-X and the entry point for all activities in the automotive network/value chain.
+Every user of the automotive value chain, no matter if it is a consumer, app provider, IT administrator or IT support will connect via the portal to the value bringing services.
+The whole eco-system on the automotive value chain is connected at one place.
+
+- Portal Frame
+- Partner Onboarding Process (initial, technical & business)
+- Login Process
+- User Management
+- App Store
+- Developer Platform
+- UI / UX & Developer Guidelines
+
+### Important Links
+
+- [portal-frontend](https://github.com/eclipse-tractusx/portal-frontend)
+- [portal-frontend-registration](https://github.com/eclipse-tractusx/portal-frontend-registration)
+- [portal-shared-components](https://github.com/eclipse-tractusx/portal-shared-components)
+- [portal-assets](https://github.com/eclipse-tractusx/portal-assets)
+- [portal-backend](https://github.com/eclipse-tractusx/portal-backend)
+- [portal-iam](https://github.com/eclipse-tractusx/portal-iam)
## Data Flow Diagram
@@ -14,18 +45,26 @@ flowchart LR
MSS(Marketplace services service)
NS(Notification service)
- NC("Potential new company (admin)")
- CU-Shared(Company user)
CU-Own(Company user)
+ NC1("Potential new company (admin)")
+ CU-Shared1(Company user)
+
+ NC2("Potential new company (admin)")
+ CU-Shared2(Company user)
+
+ NC3("Potential new company (admin)")
+ CU-Shared3(Company user)
+
K("Keycloak (REST API)")
BPDM(Business Partner Data Management)
- SDT(Semantic Hub / Digital Twin)
- SDR("SD-Registry \n (Self Description)")
+ SDT(Semantic Hub)
+ SDF("SD Factory \n (Self Description)")
MIW(Managed Identity Wallets)
CH(Gaia-X Clearing House)
+ OSP("Onboarding Service Provider \n (Owns infrastructure \n e.g. IAM, portal and registration app, \n other core services) ")
subgraph Portal
subgraph Frontend
@@ -41,14 +80,22 @@ flowchart LR
end
PDB[(Portal DB \n Postgres \n EF Core for mapping \n objects to SQL)]
end
- subgraph Keycloak
- subgraph centralidp
+ subgraph operator[Operator IdP]
+ subgraph centralidp[centralidp Keycloak]
K
end
- subgraph sharedidp
- subgraph Company realms
- NC
- CU-Shared
+ subgraph sharedidp[sharedidp Keycloak]
+ subgraph companyrealm1[Company realm]
+ NC1
+ CU-Shared1
+ end
+ subgraph companyrealm2[Company realm]
+ NC2
+ CU-Shared2
+ end
+ subgraph companyrealm3[Company realm]
+ NC3
+ CU-Shared3
end
end
end
@@ -58,40 +105,156 @@ flowchart LR
subgraph cross[Catena-X Cross functions]
BPDM
SDT
- SDR
+ SDF
MIW
+ OSP
end
subgraph ext["External Services (3rd party)"]
CH
end
-
- RS <-->|Company data \n user role data \n T&C / consent agreements| RF
- RS <--> K
- RS -->|Company data \n user role data \n T&C consent agreements| PDB
- RS -->|"Company data (e.g. name, etc.)"| BPDM
-
- AS --> K
+RS <-->|Company data \n user role data \n T&C / consent agreements| RF
+ RS <-.-> K
+ RS ==>|Company data \n user role data \n T&C consent agreements| PDB
+ AS -.-> K
AS <--> PF
- AS -->|"User data \n (real and technical company data)"| PDB
- AS -->|Data related to \n self description| SDR
+ AS ==>|"User data \n (real and technical company data)"| PDB
+ AS ---|Data related to \n self description| SDF
AS -->|"Create MIW-tenant \n update MIW-tenant (BPN-VC, Member-VC) \n update MIW-framework-VC \n update dismantler-VC \n data: BPN, Auth, Contract, Version"| MIW
- AS -->|Company data \n signed self description| CH
+ AS <-->|Company data \n signed self description| CH
+ AS <-->|OSP registers its customer \n Company Data \n Admin User Record| OSP
+ NS --> PF
+ NS ==> PDB
+ NS -.-> K
+ BPDM -.->|"Company data (e.g. name, etc.)"| RF
+ BPDM -->|"Company data (e.g. BPN)"| AS
+ MAS ==>|Company app subscription data \n app service data + user preferences| PDB
+ MAS <--> PF
+ MAS <-.-> K
+ MSS <--> PF
+ MSS <-.-> K
+ MSS ==>|Company app subscription data \n app service data + user preferences| PDB
+ SDF <--> CH
+ SDT -.->|Product meta data| PF
+ NC1 & CU-Shared1 & NC2 & CU-Shared2 & NC3 & CU-Shared3 & CU-Own -.-> |OIDC| K
+ K <-.-> |"Authentication/authorization data (using JWT)"| RF & PF
+ subgraph Legend
+ C1("Component 1")
+ D1[("Database")]
+ C1 <-.-> |https| D1
+ C1 <--> |https| D1
+ C1 <==> |https| D1
+
+ end
+```
+
+### Changes compared to last Security Assessment
+
+- No major architectural changes that introduce new threats.
+- Main changes are connections to the onboarding service provider.
- MAS -->|Company app subscription data \n app service data + user preferences| PDB
- MAS <--> K & PF
+### Features for Upcoming Versions
- MSS <--> PF & K
- MSS -->|Company app subscription data \n app service data + user preferences| PDB
+- Integration of onboarding service provider endpoints.
- NS --> PDB & PF & K
+## Threats & Risks
- PF -->|Product meta data| SDT
- PF -->|"Company data (e.g. BPN)"| BPDM
+All threats identified are mitigated.
- NC & CU-Shared & CU-Own --> |OIDC| K
+### Mitigated Threats
- K <--> |"Authentication/authorization data (using JWT)"| RF & PF
+- Risks from Logging: Repudiation, Corrupted Logs, Compromised Audit Capabilities
+ - Follow best practices for logging - ensure logs are being sent over a secure channel and that there is additional monitoring on logs originating from lower trust sources. Ensure the source of the logs is authenticated before accepting logs. Review substance of logs with security administrators and data protection officer. Integrity monitoring can be implemented at a later stage by the operator.
+- Elevation by Changing the Execution Flow in Front-End, Out-of-band resource load (HTTP)
+ - An operator should review the purpose and intended use of the relevant application functionality, and determine whether the ability to trigger arbitrary out-of-band resource load is intended behavior. If so, you should be aware of the types of attacks that can be performed via this behavior and take appropriate measures. These measures might include blocking network access from the application server to other internal systems, and hardening the application server itself to remove any services available on the local loopback adapter. You should also ensure that content retrieved from other systems is processed in a safe manner, with the usual precautions that are applicable when processing input from direct incoming web requests. If the ability to trigger arbitrary out-of-band resource load is not intended behavior, then you should implement a whitelist of permitted URLs, and block requests to URLs that do not appear on this whitelist.
+- Cross Site Scripting (XSS) \* Input validation for both front ends would greatly reduce chances of this threat. Input should be sanitized syntactically and also be checked semantically.
+ All variables go through validation and are then escaped or sanitized (confirmation needed). API call validation - best practice that is implemented. Output encoding - unsure on current implementation.
+- Cross Site Request Forgery (XSRF)
+ - Unique Session IDs, Anti-CSRF token, SSL/TLS implemented.
+- Weakness in SSO Authorization Protocol
+ - Mitigated with the standardized protocol implementation.
+- Replay Attacks
+ - Token validation in place and this threat was not discovered in the PenTest.
+- Weak Authentication Scheme
+ - Implementation of Password Policies for all Catena-X IdP users. The password policies need to get configured, tested and automated to have the possibility to run the configuration by new realm creation.
+- SQL Injection - This issue is addressed within the capabilities of .NET and includes:
+ - Parameterization
+ - Input Validation
+ - Other Framework Mechanisms (e.g. Query Builder Methods)
+- Breach of Portal DB Information
+ - Migrations .NET mechanisms applied (restrict the access)
+ - No root or default users
+ - All users are restricted (custom user, custom access restriction)
+- Data Flow HTTPS Is Potentially Interrupted (Resource Overload)
+ - Service Accounts for all APIs
+ - Rate Limiting
+- Process Crash
+ - Availability implemented by having multiple pods in parallel (Check for pod failure + rolling updates)
+ - Access to resources restricted by AAA mechanisms
+ - Infrastructure measures applied like (in reference implementation), but this is covered by the operating company
+- JavaScript Object Notation Processing / Hijacking Attacks
+ - .NET parser implemented for JSON according to best practices
+- K8s Breach
+ - Kubernetes configured through Helm Chart, reviewed by KICS scan (scans for security vulnerabilities) - overall best practices to be managed by DevOps.
+- Service Account Handling (Client Secret/ ID storage
+ - Secrets are safely stored in KeyCloak
+ - Secret handling is fully implemented on provider side (KeyCloak)
+ - These measures are applied overall to all service accounts
+
+### Performed Security Checks
+
+- Static Application Security Testing (SAST) - VeraCode
+- Dynamic Application Security Testing (DAST) - Invicti
+- Secret Scanning - GitGuardian, GitHub, VeraCode
+- Software Composition Analysis (SCA) - VeraCode
+- Container Scan conducted - Trivy
+- Infrastructure as Code - KICS
+
+### Penetration Testing
+
+The lasted Penetration Test by an external security testing company was performed on version 1.6.0-RC1 and took place during the period of July-August 2023.
+
+The following overview shows the open findings at the time of the release of version 1.7.0:
+
+```mermaid
+gantt
+ title Findings Portal Backend
+ dateFormat X
+ axisFormat %s
+
+ section Critical
+ 0 : 0, 0
+ section High
+ 0 : 0, 0
+ section Medium
+ 2 : 0, 2
+ section Low
+ 5 : 0, 5
- %% workaround to improve arrangement of subgraphs
- K ~~~ ownIdP & cross & ext
```
+
+```mermaid
+gantt
+ title Findings Portal Frontend
+ dateFormat X
+ axisFormat %s
+
+ section Critical
+ 0 : 0, 0
+ section High
+ 0 : 0, 0
+ section Medium
+ 2 : 0, 2
+ section Low
+ 5 : 0, 5
+
+```
+
+As outlined in the [Security Policy](../../../SECURITY.md), the findings will be documented as security advisories.
+
+## NOTICE
+
+This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0).
+
+- SPDX-License-Identifier: Apache-2.0
+- SPDX-FileCopyrightText: 2021-2023 Contributors to the Eclipse Foundation
+- Source URL: https://github.com/eclipse-tractusx/portal-assets
diff --git a/developer/Technical Documentation/Interface Contracts/BPDM.md b/developer/Technical Documentation/Interface Contracts/BPDM.md
index d3ea105db..5d3c5337f 100644
--- a/developer/Technical Documentation/Interface Contracts/BPDM.md
+++ b/developer/Technical Documentation/Interface Contracts/BPDM.md
@@ -15,7 +15,7 @@ Business Partner Data Management as a product as well as the portal have three d
Below the respective touched business process steps are highlighted to enable an easier mapping of the interfaces to the portal product business process:
- +
- +
- +
- +