Merge pull request #8246 from NuGet/zhhyu-Cookies-Revert

Revert "[Cookie Compliance] Revert revert and fix the functional test…

Author: zhhyu

src/NuGetGallery.Core/Cookies/CookieComplianceService.cs

@@ -0,0 +1,51 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+using System.Web;
+using NuGetGallery.Diagnostics;
+
+namespace NuGetGallery.Cookies
+{
+    /// <summary>
+    /// Base cookie compliance service with access to some Gallery resources.
+    /// </summary>
+    public abstract class CookieComplianceServiceBase : ICookieComplianceService
+    {
+        private string _domain;
+        private IDiagnosticsSource _diagnostics;
+
+        protected string Domain => _domain ?? throw new InvalidOperationException(CoreStrings.CookieComplianceServiceNotInitialized);
+
+        protected IDiagnosticsSource Diagnostics => _diagnostics ?? throw new InvalidOperationException(CoreStrings.CookieComplianceServiceNotInitialized);
+
+        public virtual Task InitializeAsync(string domain, IDiagnosticsService diagnostics, CancellationToken cancellationToken)
+        {
+            // Service should only be initialized once.
+            if (_domain != null)
+            {
+                throw new InvalidOperationException(CoreStrings.CookieComplianceServiceAlreadyInitialized);
+            }
+
+            _domain = domain;
+            _diagnostics = diagnostics.GetSource(GetType().Name);
+
+            return Task.Delay(0);
+        }
+        
+        public abstract bool CanWriteNonEssentialCookies(HttpRequestBase request);
+
+        public abstract bool NeedsConsentForNonEssentialCookies(HttpRequestBase request);
+
+        public abstract CookieConsentMessage GetConsentMessage(HttpRequestBase request, string locale = null);
+
+        public abstract string GetConsentMarkup(HttpRequestBase request, string locale = null);
+
+        public abstract IEnumerable<string> GetConsentScripts(HttpRequestBase request, string locale = null);
+
+        public abstract IEnumerable<string> GetConsentStylesheets(HttpRequestBase request, string locale = null);
+    }
+}

src/NuGetGallery.Core/Cookies/CookieComplianceServiceBase.cs

@@ -0,0 +1,18 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+namespace NuGetGallery.Cookies
+{
+    public class CookieConsentMessage
+    {
+        public string Message { get; set; }
+
+        public string MoreInfoUrl { get; set; }
+
+        public string MoreInfoText { get; set; }
+
+        public string MoreInfoAriaLabel { get; set; }
+
+        public string[] Javascripts { get; set; }
+    }
+}

src/NuGetGallery.Core/Cookies/CookieConsentMessage.cs

@@ -1,8 +1,8 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System.Collections.Generic;
 using System.Web;
-using System.Threading.Tasks;
 
 namespace NuGetGallery.Cookies
 {
@@ -12,21 +12,40 @@ namespace NuGetGallery.Cookies
     public interface ICookieComplianceService
     {
         /// <summary>
-        /// Determine whether it's allowed to write analytics cookies.
+        /// Determine if consent is still needed for writing non-essential cookies.
         /// </summary>
-        /// <returns>True if it's allowed.</returns>
-        Task<bool> CanWriteAnalyticsCookiesAsync(HttpRequestBase request);
+        /// <returns>True if consent is needed, false if consent is already provided or not required.</returns>
+        bool NeedsConsentForNonEssentialCookies(HttpRequestBase request);
 
         /// <summary>
-        /// Determine whether it's allowed to write social media cookies.
+        /// Determine if non-essential cookies can be written.
         /// </summary>
-        /// <returns>True if it's allowed</returns>
-        Task<bool> CanWriteSocialMediaCookiesAsync(HttpRequestBase request);
+        /// <returns>True if non-essential cookies can be written, false otherwise.</returns>
+        bool CanWriteNonEssentialCookies(HttpRequestBase request);
 
         /// <summary>
-        /// Determine whether it's allowed to write advertising cookies.
+        /// Get the cookie consent banner message and resources. This API is an alternative to the default
+        /// rendering APIs below and can be used to customize the UI. Note that the messaging must remain intact.
         /// </summary>
-        /// <returns>True if it's allowed.</returns>
-        Task<bool> CanWriteAdvertisingCookiesAsync(HttpRequestBase request);
+        CookieConsentMessage GetConsentMessage(HttpRequestBase request, string locale = null);
+
+        #region Default CookieConsent rendering
+
+        /// <summary>
+        /// Get the default HTML markup for the cookie consent banner.
+        /// </summary>
+        string GetConsentMarkup(HttpRequestBase request, string locale = null);
+
+        /// <summary>
+        /// Get the default CSS links for the cookie consent banner.
+        /// </summary>
+        IEnumerable<string> GetConsentStylesheets(HttpRequestBase request, string locale = null);
+
+        /// <summary>
+        /// Get the default Javascript links for the cookie consent banner.
+        /// </summary>
+        IEnumerable<string> GetConsentScripts(HttpRequestBase request, string locale = null);
+
+        #endregion
     }
-}
+}

src/NuGetGallery.Core/Cookies/CookieExpirationService.cs

@@ -1,20 +1,32 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System.Collections.Generic;
 using System.Web;
-using System.Threading.Tasks;
 
 namespace NuGetGallery.Cookies
 {
     /// <summary>
     /// Default, no-op instance of the cookie compliance service, used when no shim is registered.
     /// </summary>
-    public class NullCookieComplianceService : ICookieComplianceService
+    public class NullCookieComplianceService: CookieComplianceServiceBase
     {
-        public Task<bool> CanWriteAnalyticsCookiesAsync(HttpRequestBase request) => Task.FromResult(false);
+        private static readonly string[] EmptyStringArray = new string[0];
 
-        public Task<bool> CanWriteSocialMediaCookiesAsync(HttpRequestBase request) => Task.FromResult(false);
+        // Consent is not necessary and cookies can be written.
 
-        public Task<bool> CanWriteAdvertisingCookiesAsync(HttpRequestBase request) => Task.FromResult(false);
+        public override bool NeedsConsentForNonEssentialCookies(HttpRequestBase request) => false;
+
+        public override bool CanWriteNonEssentialCookies(HttpRequestBase request) => true;
+
+        // No markdown or scripts will be included.
+
+        public override CookieConsentMessage GetConsentMessage(HttpRequestBase request, string locale = null) => null;
+
+        public override string GetConsentMarkup(HttpRequestBase request, string locale = null) => string.Empty;
+
+        public override IEnumerable<string> GetConsentScripts(HttpRequestBase request, string locale = null) => EmptyStringArray;
+
+        public override IEnumerable<string> GetConsentStylesheets(HttpRequestBase request, string locale = null) => EmptyStringArray;
     }
-}
+}

src/NuGetGallery.Core/Cookies/ICookieComplianceService.cs

@@ -107,10 +107,9 @@
     <Compile Include="Authentication\CredentialTypeInfo.cs" />
     <Compile Include="Authentication\MicrosoftClaims.cs" />
     <Compile Include="Certificates\CertificateFile.cs" />
-    <Compile Include="Cookies\CookieComplianceService.cs" />
-    <Compile Include="Cookies\CookieExpirationService.cs" />
+    <Compile Include="Cookies\CookieComplianceServiceBase.cs" />
+    <Compile Include="Cookies\CookieConsentMessage.cs" />
     <Compile Include="Cookies\ICookieComplianceService.cs" />
-    <Compile Include="Cookies\ICookieExpirationService.cs" />
     <Compile Include="Cookies\NullCookieComplianceService.cs" />
     <Compile Include="CoreConstants.cs" />
     <Compile Include="CredentialTypes.cs" />

src/NuGetGallery.Core/Cookies/ICookieExpirationService.cs

@@ -31,4 +31,4 @@
 // The build will automatically inject the following attributes:
 // AssemblyVersion, AssemblyFileVersion, AssemblyInformationalVersion, AssemblyMetadata (for Branch, CommitId, and BuildDateUtc)
 
-[assembly: AssemblyMetadata("RepositoryUrl", "https://www.github.com/NuGet/NuGetGallery")]
+[assembly: AssemblyMetadata("RepositoryUrl", "https://www.github.com/NuGet/NuGetGallery")]

src/NuGetGallery.Core/Cookies/NullCookieComplianceService.cs

@@ -46,11 +46,6 @@ public static class ServicesConstants
 
         public const string ApiKeyHeaderName = "X-NuGet-ApiKey";
 
-        /// <summary>
-        /// Parameter for passing the cookie compliance permission.
-        /// </summary>
-        public const string CookieComplianceCanWriteAnalyticsCookies = "CanWriteAnalyticsCookies";
-
         public static class ContentNames
         {
             public static readonly string LoginDiscontinuationConfiguration = "Login-Discontinuation-Configuration";