using System.Net.Http.Headers; using System.Net.Http.Json; using System.Text.Json.Serialization; using Acl.Application; namespace Acl.Infrastructure; /// The only code that talks to OpenZaak's Zaken API (ADR-0001). public sealed class OpenZaakGateway(HttpClient http, OpenZaakOptions options) : IZaakGateway { public async Task OpenZaakAsync(ZaakRequest request, CancellationToken ct = default) { ArgumentNullException.ThrowIfNull(request); using var message = new HttpRequestMessage( HttpMethod.Post, new Uri(options.BaseUrl, "/zaken/api/v1/zaken")) { Content = JsonContent.Create(new ZaakDto( request.Bronorganisatie, request.Zaaktype.ToString(), request.VerantwoordelijkeOrganisatie, request.Startdatum.ToString("yyyy-MM-dd"), request.Vertrouwelijkheidaanduiding, request.Identificatie)), }; message.Headers.Authorization = new AuthenticationHeaderValue("Bearer", ZgwToken.Mint(options.ClientId, options.Secret)); // ZRC is a geo API; it requires the CRS headers. message.Headers.Add("Accept-Crs", "EPSG:4326"); message.Content.Headers.Add("Content-Crs", "EPSG:4326"); // OpenZaak runs behind uwsgi, which rejects a chunked request body with 400. // JsonContent streams without a known length (→ Transfer-Encoding: chunked), // so buffer it first to send a Content-Length instead. Only a real OpenZaak // surfaces this — a stubbed HttpMessageHandler accepts either framing. await message.Content.LoadIntoBufferAsync(ct); using var response = await http.SendAsync(message, ct); response.EnsureSuccessStatusCode(); var created = await response.Content.ReadFromJsonAsync(ct) ?? throw new InvalidOperationException("OpenZaak returned an empty zaak response"); return new Uri(created.Url); } public async Task SetZaakToEindstatusAsync(Uri zaakUrl, Uri zaaktypeUrl, DateOnly datumStatusGezet, CancellationToken ct = default) { ArgumentNullException.ThrowIfNull(zaakUrl); ArgumentNullException.ThrowIfNull(zaaktypeUrl); var eindstatus = await ResolveEindstatusAsync(zaaktypeUrl, ct); var resultaattype = await ResolveResultaattypeAsync(zaaktypeUrl, ct); // OpenZaak refuses to set a zaak's eindstatus unless the zaak has a resultaat // ("resultaat-does-not-exist"), so record the resultaat first, then the status. await PostAsync("/zaken/api/v1/resultaten", new ResultaatDto(zaakUrl.ToString(), resultaattype.ToString()), "Setting the zaak resultaat", ct); await PostAsync("/zaken/api/v1/statussen", // datumStatusGezet is a ZGW date-time; set it at the start of the given day (UTC). new StatusDto(zaakUrl.ToString(), eindstatus.ToString(), datumStatusGezet.ToDateTime(TimeOnly.MinValue, DateTimeKind.Utc).ToString("yyyy-MM-ddTHH:mm:ssZ")), "Setting the zaak status", ct); } public async Task GetZaakIdentificatieAsync(Uri zaakUrl, CancellationToken ct = default) { ArgumentNullException.ThrowIfNull(zaakUrl); using var message = new HttpRequestMessage(HttpMethod.Get, zaakUrl); message.Headers.Authorization = new AuthenticationHeaderValue("Bearer", ZgwToken.Mint(options.ClientId, options.Secret)); // The zaak is a geo resource; the Zaken API requires the CRS header even on GET. message.Headers.Add("Accept-Crs", "EPSG:4326"); using var response = await http.SendAsync(message, ct); await EnsureSuccessAsync(response, "Reading the zaak", ct); var zaak = await response.Content.ReadFromJsonAsync(ct) ?? throw new InvalidOperationException("OpenZaak returned an empty zaak response"); return zaak.Identificatie; } // POSTs a non-geo ZGW resource (resultaat/status — no CRS headers). Buffers the body so uwsgi gets // a Content-Length instead of a chunked body (as with zaak-create). private async Task PostAsync(string path, object dto, string action, CancellationToken ct) { using var message = new HttpRequestMessage(HttpMethod.Post, new Uri(options.BaseUrl, path)) { Content = JsonContent.Create(dto), }; message.Headers.Authorization = new AuthenticationHeaderValue("Bearer", ZgwToken.Mint(options.ClientId, options.Secret)); await message.Content.LoadIntoBufferAsync(ct); using var response = await http.SendAsync(message, ct); await EnsureSuccessAsync(response, action, ct); } // EnsureSuccessStatusCode discards the response body; ZGW returns a JSON problem detail on 400 that // is essential for diagnosing a rejected request, so surface it in the exception. private static async Task EnsureSuccessAsync(HttpResponseMessage response, string action, CancellationToken ct) { if (response.IsSuccessStatusCode) return; var body = await response.Content.ReadAsStringAsync(ct); throw new HttpRequestException($"{action} failed: {(int)response.StatusCode} {response.ReasonPhrase}. {body}"); } /// Resolve the zaaktype's eindstatus (the terminal statustype) from the catalogus. private async Task ResolveEindstatusAsync(Uri zaaktypeUrl, CancellationToken ct) { var page = await GetCatalogusAsync("statustypen", zaaktypeUrl, "statustypen", ct); var results = page.Results ?? []; // OpenZaak flags the terminal statustype (highest volgnummer) as isEindstatus; fall back to the // highest volgnummer if the flag is absent. var eindstatus = results.FirstOrDefault(s => s.IsEindstatus) ?? results.OrderByDescending(s => s.Volgnummer).FirstOrDefault() ?? throw new InvalidOperationException($"No statustypen found for zaaktype {zaaktypeUrl}"); return new Uri(eindstatus.Url); } /// Resolve the zaaktype's resultaattype from the catalogus (the seed defines one). private async Task ResolveResultaattypeAsync(Uri zaaktypeUrl, CancellationToken ct) { var page = await GetCatalogusAsync("resultaattypen", zaaktypeUrl, "resultaattypen", ct); var resultaattype = (page.Results ?? []).FirstOrDefault() ?? throw new InvalidOperationException($"No resultaattypen found for zaaktype {zaaktypeUrl}"); return new Uri(resultaattype.Url); } // GETs a catalogus collection filtered by zaaktype (status=alles includes concept + published). private async Task GetCatalogusAsync(string resource, Uri zaaktypeUrl, string label, CancellationToken ct) { var query = new Uri(options.BaseUrl, $"/catalogi/api/v1/{resource}?status=alles&zaaktype=" + Uri.EscapeDataString(zaaktypeUrl.ToString())); using var message = new HttpRequestMessage(HttpMethod.Get, query); message.Headers.Authorization = new AuthenticationHeaderValue("Bearer", ZgwToken.Mint(options.ClientId, options.Secret)); using var response = await http.SendAsync(message, ct); await EnsureSuccessAsync(response, $"Querying {label}", ct); return await response.Content.ReadFromJsonAsync(ct) ?? throw new InvalidOperationException($"OpenZaak returned an empty {label} response"); } private sealed record ZaakDto( [property: JsonPropertyName("bronorganisatie")] string Bronorganisatie, [property: JsonPropertyName("zaaktype")] string Zaaktype, [property: JsonPropertyName("verantwoordelijkeOrganisatie")] string VerantwoordelijkeOrganisatie, [property: JsonPropertyName("startdatum")] string Startdatum, [property: JsonPropertyName("vertrouwelijkheidaanduiding")] string Vertrouwelijkheidaanduiding, [property: JsonPropertyName("identificatie")] string Identificatie); private sealed record ZaakCreatedDto( [property: JsonPropertyName("url")] string Url); private sealed record ZaakReadDto( [property: JsonPropertyName("identificatie")] string Identificatie); private sealed record StatusDto( [property: JsonPropertyName("zaak")] string Zaak, [property: JsonPropertyName("statustype")] string Statustype, [property: JsonPropertyName("datumStatusGezet")] string DatumStatusGezet); private sealed record StatustypePage( [property: JsonPropertyName("results")] IReadOnlyList? Results); private sealed record StatustypeDto( [property: JsonPropertyName("url")] string Url, [property: JsonPropertyName("volgnummer")] int Volgnummer, [property: JsonPropertyName("isEindstatus")] bool IsEindstatus); private sealed record ResultaatDto( [property: JsonPropertyName("zaak")] string Zaak, [property: JsonPropertyName("resultaattype")] string Resultaattype); private sealed record ResultaattypePage( [property: JsonPropertyName("results")] IReadOnlyList? Results); private sealed record ResultaattypeDto( [property: JsonPropertyName("url")] string Url); }