Diffstat (limited to 'docker/crupest-api/CrupestApi/CrupestApi.Secrets')
8 files changed, 153 insertions, 0 deletions
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/CrupestApi.Secrets.csproj b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/CrupestApi.Secrets.csproj
index 72a1294..2d78adb 100644
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/CrupestApi.Secrets.csproj
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/CrupestApi.Secrets.csproj
@@ -1,5 +1,9 @@
<Project Sdk="Microsoft.NET.Sdk.Web">
+ <ItemGroup>
+ <ProjectReference Include="..\CrupestApi.Commons\CrupestApi.Commons.csproj" />
+ </ItemGroup>
+
<PropertyGroup>
<TargetFramework>net7.0</TargetFramework>
<Nullable>enable</Nullable>
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/ISecretsService.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/ISecretsService.cs
new file mode 100644
index 0000000..c42fbdc
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/ISecretsService.cs
@@ -0,0 +1,21 @@
+namespace CrupestApi.Secrets;
+
+public interface ISecretsService
+{
+ Task<List<SecretInfo>> GetSecretListAsync(bool includeExpired = false, bool includeRevoked = false);
+
+ Task<List<SecretInfo>> GetSecretListByKeyAsync(string key, bool includeExpired = false, bool includeRevoked = false);
+
+ Task<bool> VerifySecretAsync(string key, string secret);
+
+ // Check if "secret" query param exists and is only one. Then check the secret is valid for given key.
+ // If check fails, will throw a VerifySecretException with proper message that can be send to client.
+ Task VerifySecretForHttpRequestAsync(HttpRequest request, string key, string queryKey = "secret");
+
+ Task<SecretInfo> CreateSecretAsync(string key, string description, DateTime? expireTime = null);
+
+ Task RevokeSecretAsync(string secret);
+
+ // Throw SecretNotExistException if request secret does not exist.
+ Task<SecretInfo> ModifySecretAsync(string secret, SecretModifyRequest modifyRequest);
+}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs
new file mode 100644
index 0000000..46ce501
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs
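Review bot: In ISecretsService.cs, `VerifySecretForHttpRequestAsync` takes the credential from the query string (`queryKey = "secret"`), so the secret value ends up in web-server and reverse-proxy access logs, browser history and `Referer` headers. I would read it from a request header instead and drop the `queryKey` parameter, e.g. `Task VerifySecretForHttpRequestAsync(HttpRequest request, string key);` with the comment `// Reads the secret from the Authorization header; throws VerifySecretException when it is missing or not valid for key.` Separately, `VerifySecretAsync` has no comment saying whether an expired or revoked secret verifies; presumably it returns false for both, and that should be stated on the interface because every implementation has to agree on it.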
@@ -0,0 +1,21 @@
+namespace CrupestApi.Secrets;
+
+public class SecretInfo
+{
+ public SecretInfo(string key, string secret, string description, DateTime? expireTime, bool revoked, DateTime createdTime)
+ {
+ Key = key;
+ Secret = secret;
+ Description = description;
+ ExpireTime = expireTime;
+ Revoked = revoked;
+ CreateTime = createdTime;
+ }
+
+ public string Key { get; set; }
+ public string Secret { get; set; }
+ public string Description { get; set; }
+ public DateTime? ExpireTime { get; set; }
+ public bool Revoked { get; set; }
+ public DateTime CreateTime { get; set; }
+}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs
new file mode 100644
index 0000000..dfff347
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs
@@ -0,0 +1,30 @@
+namespace CrupestApi.Secrets;
+
+public class SecretModifyRequest
+{
+ public SecretModifyRequest()
+ {
+
+ }
+
+ public SecretModifyRequest(string? key, string? description)
+ {
+ Key = key;
+ Description = description;
+ SetExpireTime = false;
+ ExpireTime = null;
+ }
+
+ public SecretModifyRequest(string? key, string? description, DateTime? expireTime)
+ {
+ Key = key;
+ Description = description;
+ SetExpireTime = true;
+ ExpireTime = expireTime;
+ }
+
+ public string? Key { get; set; }
+ public string? Description { get; set; }
+ public bool SetExpireTime { get; set; }
+ public DateTime? ExpireTime { get; set; }
+}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs
new file mode 100644
index 0000000..ad082ee
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs
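Review bot: `SecretInfo` is undocumented on two points callers need: which time zone `ExpireTime` and `CreateTime` are expressed in, and that `Secret` holds the raw credential. An expiry check that mixes local and UTC `DateTime` values would keep a secret valid for longer or shorter than intended, so I would add `// UTC. Null means the secret never expires.` above `ExpireTime` (assuming that is what null is meant to express) and `// Raw secret value; do not log or put into error messages.` above `Secret`. The constructor parameter `createdTime` also does not match the property name `CreateTime`.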
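Review bot: In `SecretModifyRequest`, `ExpireTime` only takes effect when `SetExpireTime` is true, and nothing in the class says so. A caller using the parameterless constructor with an object initializer (`new SecretModifyRequest { ExpireTime = t }`) leaves `SetExpireTime` false, so an intended expiry on a secret would be silently dropped, assuming the service honours the flag. Passing `null` as the third constructor argument likewise means "clear the expiry" rather than "leave unchanged". I would document this on the properties, e.g. `// When true, ExpireTime replaces the stored value (null clears it); when false, ExpireTime is ignored.` above `SetExpireTime`.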
@@ -0,0 +1,18 @@
+namespace CrupestApi.Secrets;
+
+public class SecretNotExistException : Exception
+{
+ public SecretNotExistException(string requestSecret)
+ : base($"Request secret {requestSecret} not found.")
+ {
+ RequestSecret = requestSecret;
+ }
+
+ public SecretNotExistException(string requestSecret, string message)
+ : base(message)
+ {
+ RequestSecret = requestSecret;
+ }
+
+ public string RequestSecret { get; set; }
+}
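Review bot: The default message in `SecretNotExistException(string requestSecret)` interpolates the submitted secret into `Exception.Message`, so the value travels wherever the exception is logged or echoed. A submitted value that is not found may still be a near-miss of a live secret or a secret for another environment, so it should not appear in log lines or responses. I would make the message constant, `: base("Request secret not found.")`, and keep the value only in `RequestSecret`, with a comment that the property must not be logged. Whether this message is ever returned to a client is not visible in this commit.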
\ No newline at end of file
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs
new file mode 100644
index 0000000..ea659a9
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs
@@ -0,0 +1,6 @@
+namespace CrupestApi.Secrets;
+
+public static class SecretsConstants
+{
+ public const string SecretManagementKey = "crupest.secrets.management";
+}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs
new file mode 100644
index 0000000..a771547
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs
@@ -0,0 +1,42 @@
+using CrupestApi.Commons;
+
+namespace CrupestApi.Secrets;
+
+public static class SecretsWebApplicationExtensions
+{
+ public static WebApplication UseCatchVerifySecretException(this WebApplication app)
+ {
+ app.Use(async (context, next) =>
+ {
+ try
+ {
+ await next(context);
+ }
+ catch (VerifySecretException e)
+ {
+ await context.Response.WriteErrorMessageAsync(e.Message, 401);
+ }
+ });
+
+ return app;
+ }
+
+ public static async Task CheckSecret(this HttpContext context, string key)
+ {
+ var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
+ await secretsService.VerifySecretForHttpRequestAsync(context.Request, SecretsConstants.SecretManagementKey);
+ }
+
+ public static WebApplication MapSecrets(this WebApplication app, string path)
+ {
+ app.MapGet(path, async (context) =>
+ {
+ await context.CheckSecret(SecretsConstants.SecretManagementKey);
+ var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
+ var secrets = secretsService.GetSecretListAsync();
+ await context.Response.WriteJsonAsync(secrets);
+ });
+
+ return app;
+ }
+}
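Review bot: In SecretsWebApplicationExtensions.cs, `CheckSecret` ignores its `key` parameter and always verifies against `SecretsConstants.SecretManagementKey`, so any endpoint that calls it with another key is authorised against the wrong key. The call should be `await secretsService.VerifySecretForHttpRequestAsync(context.Request, key);`. In `MapSecrets` the list call is missing an `await`, so the handler passes the `Task` object itself to `WriteJsonAsync` rather than the list; it should read `var secrets = await secretsService.GetSecretListAsync();`. Since the response body carries every `SecretInfo.Secret` value, a `Cache-Control: no-store` response header on this route would also be worth adding.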
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs
new file mode 100644
index 0000000..c9f60a1
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs
@@ -0,0 +1,11 @@
+namespace CrupestApi.Secrets;
+
+public class VerifySecretException : Exception
+{
+ public VerifySecretException(string requestKey, string message) : base(message)
+ {
+ RequestKey = requestKey;
+ }
+
+ public string RequestKey { get; set; }
+}
\ No newline at end of file |