refactor: migrate Exceptionless.Web to Minimal APIs with Foundatio.Mediator#2257
Open
niemyjski wants to merge 43 commits into
Open
refactor: migrate Exceptionless.Web to Minimal APIs with Foundatio.Mediator#2257niemyjski wants to merge 43 commits into
niemyjski wants to merge 43 commits into
Conversation
Planning artifacts for migrating Exceptionless.Web controllers to Minimal APIs with Foundatio.Mediator dispatch, preserving all existing API behavior. Change deliverables: - proposal.md: justification, classification, rollback plan - design.md: architecture, endpoint/mediator/handler patterns - tasks.md: 19 ordered migration tasks with verification steps - acceptance.md: SHALL/SHALL NOT acceptance criteria - risks.md: 9 risks with mitigation strategies New specs (testable SHALL statements): - api-architecture: endpoint registration, mediator dispatch, DI - api-contract: route/response/header preservation - api-validation: DataAnnotation + MiniValidation - api-problem-details: error response shape - api-middleware: throttling, overage, filters, pipeline ordering - api-openapi: runtime/build-time generation, snapshot tests - api-patching: Delta<T> preservation, no JSON Patch Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Merge all service registrations and middleware pipeline into single Program.cs - Use WebApplication.CreateBuilder() minimal hosting pattern - Add Foundatio.Mediator 1.2.1 package reference - Add Microsoft.Extensions.ApiDescription.Server for build-time OpenAPI - Add stub MapApiEndpoints() extension for future endpoint registrations - Update AppWebHostFactory to use WebApplicationFactory<Program> - Remove Startup.cs Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- ApiEndpointGroups: shared route group builder with auth policy - ApiResults: OkWithLinks, OkWithResourceLinks, Permission, WorkInProgress helpers - Pagination: limit/page/skip helpers extracted from base controller - TimeRangeParser: time range parsing extracted from base controller - CurrentUserAccessor: HttpContext user helpers - ConfigurationResponseEndpointFilter: config version header filter - ApiResponseHeadersEndpointFilter: common response headers - ApiValidation: MiniValidation wrapper for endpoint validation Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Create Messages/StatusMessages.cs with command/query records - Create Handlers/StatusHandler.cs and UtilityHandler.cs with mediator handlers - Create Endpoints/StatusEndpoints.cs and UtilityEndpoints.cs - Remove StatusController.cs and UtilityController.cs - Wire up MapApiEndpoints() in ApiEndpoints.cs Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- TokenEndpoints: full CRUD with org/project scoped routes - WebHookEndpoints: CRUD plus Zapier subscribe/unsubscribe/test - StripeEndpoints: webhook receiver with signature validation - All use Foundatio.Mediator handler pattern - Remove TokenController, WebHookController, StripeController Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ts with Foundatio.Mediator Replace MVC controllers with the same Minimal API + Mediator pattern used by Token, WebHook, and Status endpoints. Each controller is split into Messages (records), Handler (business logic), and Endpoints (HTTP routing via IMediator). Preserves all routes, route constraints (:objectid, :token, :minlength), auth policies (User, GlobalAdmin), named routes (GetSavedViewById, GetUserById), and behavior including predefined saved view management, email verification, admin role management, and rate-limited email updates. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- ProjectEndpoints: full CRUD, config, notifications, integrations, Slack - OrganizationEndpoints: full CRUD, invoices, plans, suspend - Preserve all routes, auth policies, route names - Remove ProjectController.cs and OrganizationController.cs Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- AuthEndpoints: login, signup, OAuth, forgot-password, change-password - Preserve AllowAnonymous on public auth routes - Port complete OAuth flow (Google, Facebook, GitHub, Microsoft) - Remove AuthController.cs Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace MVC controllers with Foundatio.Mediator-based Minimal API endpoints following the established pattern (Messages/Handlers/Endpoints). All routes, authorization policies, and route names are preserved. - AdminController → AdminMessages + AdminHandler + AdminEndpoints - StackController → StackMessages + StackHandler + StackEndpoints - EventController → EventMessages + EventHandler + EventEndpoints - Update ApiEndpoints.cs to register new endpoint groups - Fix ControllerManifestTests assembly reference (no controllers remain)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Remove AddControllers() and MapControllers() from Program.cs - Remove AddAutoValidation() (MVC-specific filter) - Remove ExceptionlessApiController, ReadOnlyRepositoryApiController, RepositoryApiController base classes - Keep shared types (PermissionResult, TimeInfo, WorkInProgressResult, ModelActionResults) - Update ControllerManifestTests to verify no MVC controllers remain - Full solution builds with 0 errors Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- EndpointManifestTests: verifies all endpoint classes are registered - OpenApiSnapshotTests: lightweight test app for OpenAPI document verification - MinimalApiTestApp: shared test host without Elasticsearch dependency - SnapshotTestHelper: shared snapshot comparison utility - Remove old OpenApiControllerTests (replaced by snapshot approach) - Generate initial endpoint-manifest.json and openapi.json baselines Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ebhook subscribe route, user-agent - Restore :token/:tokens route constraints on token endpoints - Add canonical api/v2/webhooks/subscribe route (was only versioned) - Create AutoValidationEndpointFilter for Minimal API auto-validation - Register auto-validation filter on all endpoint groups - Remove dead ApiEndpointGroups.cs - Fix UserAgent header regression: prefer X-Exceptionless-Client over User-Agent - Fix Stripe trailing slash: map POST directly without empty-string sub-route - Delete obsolete controller-manifest.json test fixture Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Routes now match pre-migration manifest (184 endpoints, all constraints preserved). Only remaining diff: versioned subscribe route template lacks =2 default (Minimal API limitation; covered by canonical api/v2/webhooks/subscribe route). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace Host.CreateDefaultBuilder()/ConfigureWebHostDefaults() with WebApplication.CreateBuilder() for consistency with the web project. Preserves all behavior: health checks, Serilog, APM, job registration. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Port all XML doc summaries, parameter descriptions, and response descriptions from the old MVC controllers to Minimal API endpoints using .WithSummary() and .WithMetadata(EndpointDocumentation) with a custom IOpenApiOperationTransformer. Results vs old spec (128/348/244 target): - Summaries: 128/128 (100%) - Parameter descriptions: 298/348 (86% - gap is from params not in lambda signatures like headers and manual query params) - Response descriptions: 266 total responses documented (exceeds 244) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Extend EndpointDocumentationOperationTransformer to support injecting additional parameters (e.g. User-Agent header, query string arrays). Add Produces<T>() and ProducesProblem() declarations across all endpoint files to document response types and error codes. This brings coverage to: - Summaries: 128 (unchanged) - Parameters: 409 (was 287, added 122) - Response codes: 353 (was 231, added 122) - Schemas: 49 (was 43, added 6) Update snapshot test assertion from 200 to 202 for user-description endpoint to match its actual Accepted semantics.
Change endpoint group tags from plural to singular to match the old MVC controller-derived tags (Event, Organization, Project, Stack, User, etc.). Add explicit WithTags to Token, WebHook groups and all v1 endpoints that previously inherited tags from their controller class. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
![github-code-quality[bot]](https://avatars.githubusercontent.com/u/9919?s=60&v=4){kind=small}
- Disable ValidateOnBuild in WebApplication.CreateBuilder since the service graph uses lambda factories (queues, caching, Elasticsearch) that resolve dependencies at runtime via IServiceProvider. The old Generic Host path did not enable this validation. - Add using/dispose to StreamReader in StripeEndpoints - Add using/dispose to MemoryStream in EventHandler - Add using/dispose to ScopedCacheClient in EventHandler and StackHandler - Refactor AutoValidationEndpointFilter to use Where() filtering - Refactor DeleteEvents/DeleteStacks to use LINQ Where() instead of mutating a list inside a foreach loop Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The ValidateOnBuild=false in Program.cs via builder.Host.UseDefaultServiceProvider() does not take effect in the minimal hosting model when used with WebApplicationFactory. The ConfigureHostBuilder stores but may not replay service provider options. Fix: Add builder.UseDefaultServiceProvider() in AppWebHostFactory.ConfigureWebHost where the IWebHostBuilder properly replaces the service provider factory. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
niemyjski
force-pushed
the
niemyjski/minimal-api-mediator-openapi-migration
branch
from
ecc217a to
30aed31
Compare
The old MVC base controller (ReadOnlyRepositoryApiController) checked CanAccessOrganization in its GetModelAsync since Organization implements IOwnedByOrganization. The new handler's GetModelAsync was missing this check, allowing any authenticated user to fetch any organization by ID. Fix: Inject IHttpContextAccessor and check CanAccessOrganization(model.Id) in both GetModelAsync and GetModelsAsync, matching the pattern used by TokenHandler, UserHandler, WebHookHandler, and SavedViewHandler. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Add Result infrastructure (ApiResultMapper, PagedResult, ResultExtensions) - Migrate TokenHandler from IResult to Result<T> (transport-agnostic) - Update TokenEndpoints to invoke Result<T> and call .ToHttpResult() - Handlers no longer reference HttpResults/TypedResults - PagedResult<T> carries pagination metadata, mapped to Link headers - WorkInProgressResult detected and returned as 202 Accepted - All 30 token tests pass, OpenAPI snapshot unchanged Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- StackHandler: All methods now return Result<T> types - AuthHandler: OAuth/login flows return Result<T>, HTML content returns Result<string> - EventHandler: Raw ingestion accepts bytes via message, returns Result - StripeHandler: Webhook processing returns Result (non-generic) - Add TooManyRequests (429) support to ResultExtensions - Update corresponding endpoint files to use .ToHttpResult() Remaining: WebHook, Admin, User, SavedView, Project, Organization Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…handlers to Result<T> Complete the Result<T> migration for all remaining handlers: - WebHookHandler: CRUD operations return Result<T> - AdminHandler: Admin operations return Result<T>/Result - UserHandler: User management returns Result<T> - SavedViewHandler: View operations return Result<T> - ProjectHandler: Project CRUD/config returns Result<T> - OrganizationHandler: Organization management returns Result<T> Infrastructure additions: - NotModifiedResponse type for HTTP 304 support - plan_limit validation error → HTTP 426 mapping - NotModified detection in ResultExtensions All handlers now return transport-agnostic Result types. Zero IResult references remain in handler layer. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Result.BadRequest() now puts message in 'title' field (matching original Problem() behavior) instead of 'detail' - Same pattern for NotFound, Forbidden, Unauthorized, Conflict - ProjectHandler: Use Result.BadRequest() for name/org validation (was 400) - OrganizationHandler: Use Result.BadRequest() for name validation (was 400) - OrganizationHandler: Keep Result.Invalid() for plan change (was 422) - SavedViewHandler: Use Result.BadRequest() for org cap limit (was 400) - StackHandler: Use plan_limit identifier for non-premium (→ 426) - StackHandler: Use not_implemented identifier for no webhooks (→ 501) - WebHookHandler: Add null check for EventTypes to prevent NRE - ResultExtensions: Add not_implemented → 501 mapping - Fix SerializationAuditTests.Stacks_GetAfterEventPost date issue All 1868 tests pass (1 flaky CanPostManyEventsAsync passes in isolation). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Keep our Result<T> handler version, discard XML doc comments from the controller file that was already superseded by our migration. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- StripeHandler: Narrow catch clause with exception filter pattern (StripeException, JsonException, ArgumentException) - AutoValidationEndpointFilter: Replace foreach with LINQ ToDictionary - Update OpenAPI snapshot for 'issues' rename from main merge Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Fix ModelActionResults with failures returning 202 instead of 400 (preserving original controller bulk-delete behavior) - Add not_implemented identifier handling to ApiResultMapper (matching ResultExtensions behavior for Stack promote → 501) - Keep project_id validation in TokenEndpoints at 400 (matching original MVC [ApiController] model binding behavior) - Add defensive project_id check in TokenHandler.CanAddAsync Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Return ModelActionResults directly when all items are forbidden, matching original controller behavior that included per-ID failure information instead of a generic error message. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…atterns Add comprehensive documentation for the new architecture: - Endpoint + Handler pattern with Result<T> - Result→HTTP status code mapping table - Key rules and common pitfalls - Updated authorization for endpoint groups - Updated OpenAPI baseline workflow - Mark old controller pattern as deprecated Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Remove static _isFirstUserChecked guard from AuthHandler (writes to static field from instance method; user signups are rare enough that the extra CountAsync() is negligible) - Use ternary expressions in error dict building (ApiResultMapper, ResultExtensions) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
niemyjski
force-pushed
the
niemyjski/minimal-api-mediator-openapi-migration
branch
from
6d61b7e to
4ae63c3
Compare
- Add missing ResultStatus.Accepted case to ApiResultMapper (was falling through to 500 for Accepted results) - Cache PropertyInfo lookups in GetValue() using ConcurrentDictionary (eliminates per-request reflection allocation) - Stream event body directly from Request.Body through mediator to EventPostService — eliminates byte[] buffering (up to 200KB per POST) - Remove redundant Body property from SubmitEventByPost message; handler uses httpContext.Request.Body directly (matches original controller) - Early-exit in endpoint when ContentLength <= 0 (avoids mediator overhead) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
niemyjski
force-pushed
the
niemyjski/minimal-api-mediator-openapi-migration
branch
from
4ae63c3 to
43cceec
Compare
Port the following from main: - UsageService.IncrementDeletedAsync in EventHandler.DeleteEvents - currentUsage.Deleted and currentHourUsage.Deleted in Org/Project handlers - NotificationService replaces ICacheClient/IMessagePublisher in StatusHandler - Add 'publish' parameter to PostSystemNotification - Resolve merge conflicts (deleted controller files) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Comment on lines
+636
to
+639
| catch (Exception ex) | ||
| { | ||
| _logger.LogWarning(ex, "Failed to increment deleted usage metrics for org {OrganizationId} project {ProjectId}: {Message}", projectGroup.Key.OrganizationId, projectGroup.Key.ProjectId, ex.Message); | ||
| } |
The DELETE /api/v2/notifications/system endpoint was missing the 'publish' query parameter (default true) that the original controller passed to NotificationService.ClearSystemNotificationAsync(). Without this, the delete endpoint would always publish the notification regardless of the caller's intent. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Migrate all Exceptionless.Web controllers to Minimal API endpoints using Foundatio.Mediator for command/query dispatch.
What Changed
Startup.csinto single minimal hostingProgram.csWebApplication.CreateBuilder()minimal hostingEndpointDocumentationOperationTransformerKey Invariants Preserved
Structure
Migration Order (per OpenSpec)
Breaking Changes
None. All public routes, auth behavior, and response shapes are preserved.
Known Acceptable Differences
StringStringValuesKeyValuePairschema removed (MVC model binding artifact) →ProblemDetailsschema added (from.ProducesProblem())/api/v{apiVersion:int}/webhooks/subscribelacks=2default (Minimal API limitation, canonical/api/v2/webhooks/subscriberoute exists)