An open API service indexing awesome lists of open source software.

https://github.com/ofqualgovuk/ofqual-recognition-frontend

The front-end project for the Ofqual Recognition API
https://github.com/ofqualgovuk/ofqual-recognition-frontend

asp-net-mvc blazor csharp razor

Last synced: 9 months ago
JSON representation

The front-end project for the Ofqual Recognition API

Awesome Lists containing this project

README

          

# Ofqual Register of Recognised Qualifications Frontend

[![Build Status](https://dev.azure.com/ofqual/Ofqual%20IM/_apis/build/status%2Fofqual-recognition-frontend?branchName=main)](https://dev.azure.com/ofqual/Ofqual%20IM/_build/latest?definitionId=393&branchName=main)

The Ofqual Register of Recognised Qualifications Frontend allows users to:

- Find out if a qualification can be recognised

## Provider

[The Office of Qualifications and Examinations Regulation](https://www.gov.uk/government/organisations/ofqual)

## About this project

This project is a ASP.NET Core 8 web app with the MVC architecture utilising Docker for deployment.

The web app runs on an App service for Container apps on Azure.

# Application Configuration Guide

This document outlines how the application is configured using `appsettings.json` files. These settings help manage behaviour across different environments and scenarios, including development, production and testing.

## Application Settings (`appsettings.json`)

The main application settings are defined in `appsettings.json` and can be tailored per environment using files like `appsettings.Development.json` or `appsettings.Production.json`.

```json
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"AzureAdB2C": {
"Instance": "",
"ClientId": "",
"ClientCredentials": [
{
"SourceType": "",
"ClientSecret": ""
}
],
"Domain": "",
"SignUpSignInPolicyId": "",
"SignUpSignInPolicyForAutomationId": "",
"RedirectUri": "",
"UseAutomationPolicies": false,
"CallBackPath": "",
"SignedOutCallbackPath": ""
},
"GovUk": {
"StartPage": ""
},
"RecognitionApi": {
"BaseUrl": "",
"Scopes": []
},
"LogzIo": {
"Environment": "",
"Uri": ""
},
"HelpdeskContact": {
"ContactName": "",
"Url": ""
},
"FeatureFlag": {
"Application": true,
"EligibilityLink": false,
"HideDevPage": false
}
}
```

### Setting Details

- **`AzureAdB2C:Instance`**
The URL of the B2C service used to authenticate.

- **`AzureAdB2C:ClientId`**
The Application ID of the service we will be running.

- **`AzureAdB2C:ClientCredentials[0]:SourceType`**
Specifies how the client credentials are sourced. Use `"PlainText"` if the secret is provided directly, or `"KeyVault"` to retrieve it securely from Azure Key Vault.

- **`AzureAdB2C:ClientCredentials[0]:ClientSecret`**
The client secret used to authenticate the application with Azure AD B2C. This should be securely stored and must not be committed to source control.

- **`AzureAdB2C:Domain`**
The domain we will be authenticating under.

- **`AzureAdB2C:SignUpSignInPolicyId`**
The policy name for the typical Sign up/Sign in flow.

- **`AzureAdB2C:SignUpSignInPolicyForAutomationId`**
The policy name for the automated Sign up/Sign in flow, this should not be set in production environments.

- **`AzureAdB2C:RedirectUri`**
An optional parameter that will override the sign-in redirect URL to the specified value, if specified.
This is used for the development service as a workaround and should not be required in production.

- **`AzureAdB2C:UseAutomationPolicies`**
This flag is used in development to determine if the application uses the typical or automated Sign up/Sign in flow.
This should only be set to `true` when using automated testing.

- **`AzureAdB2C:CallBackPath`**
The callback path when signing in to Azure B2C, typically set to `/signin-oidc`

- **`AzureAdB2C:SignedOutCallbackPath`**
The callback path when signing out of Azure B2c, typically set to `/signout-callback-oidc`

- **`GovUk:StartPage`**
The URL of the GOV.UK page that directs the user to begin an application or to sign into a pre-existing application.

- **`RecognitionApi:BaseUrl`**
The base URL of the external Recognition API the application communicates with. This should point to the correct environment (e.g., local, development, production).

- **`RecognitionApi:Scopes`**
A list of OAuth scopes the application will request when calling the Recognition API. These scopes define the permissions being requested on behalf of the user or system.

For example:

```json
"Scopes": [
"https://example.com/.default",
"api://your-app-id/read"
]
```

- **`LogzIo:Environment`**
Identifies the current environment in the logs (e.g., `DEV`, `PREPROD`, `PROD`). This helps separate log entries across environments.

- **`LogzIo:Uri`**
The endpoint URI for sending log data to an external logging service such as Logz.io.

- **`HelpdeskContact:ContactName`**
The name or title of the helpdesk contact to display on error pages.

- **`HelpdeskContact:Url`**
The email address or URL for users to contact the helpdesk, shown on error pages.

- **`FeatureFlag:Application`**
A **boolean** flag used to enable or disable middleware URL redirection and application UI visibility.
When set to `false`, users will be redirected away from application-related routes and any associated buttons or links will not be shown.

- **`FeatureFlag:EligibilityLink`**
A **boolean** flag used to redirect users from the current Google Form for signing up for a Legacy Recognition account, to the new system
When set to `true`, users are redirected to the pre-engagement flow instead of the Google form.

- **`FeatureFlag:HideDevPage`**
A **boolean** flag, when set to `true`, allows the user to disable the developer home page and redirect the user as if the application is in production,
This only applies to the development environment and will be ignored in production. This feature is expected to be used for testing purposes only.

> These settings should be environment-specific and managed through `appsettings.{Environment}.json` or overridden using environment variables in production scenarios.

## Test Settings (`appsettings.Test.json`)

These settings are used specifically for **Playwright-based end-to-end (E2E) and integration tests**. They define the runtime context for automated test execution and should not be applied in production.

```json
{
"TestSettings": {
"BaseUrl": "",
"B2CUser": {
"Username": "",
"Password": ""
}
}
}
```

### Setting Details

- **`TestSettings:BaseUrl`**
The base URL of the application under test. This should point to the environment where E2E or integration tests are executed (e.g., local dev server, test container, or staging instance).
- **`TestSettings:B2CUser:Username`**
The Azure B2C test user's email or login name.

- **`TestSettings:B2CUser:Password`**
The password associated with the Azure B2C test user.

> These settings support the test environment and can be overridden in CI/CD using environment variables (e.g., `TestSettings__BaseUrl`).