Diffstat (limited to 'docker/crupest-api/CrupestApi/CrupestApi.Secrets')
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs9
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs48
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs37
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs18
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs6
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs19
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs95
-rw-r--r--docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs20
8 files changed, 19 insertions, 233 deletions
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs
deleted file mode 100644
index 5d0ea51..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs
+++ /dev/null
@@ -1,9 +0,0 @@
-namespace CrupestApi.Secrets;
-
-public class SecretCreateRequest
-{
- public string Key { get; set; } = default!;
- public string Secret { get; set; } = default!;
- public string Description { get; set; } = default!;
- public DateTime? ExpireTime { get; set; }
-}
\ No newline at end of file
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs
deleted file mode 100644
index 3aacaa1..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs
+++ /dev/null
@@ -1,48 +0,0 @@
-using System.Security.Cryptography;
-using System.Text;
-using CrupestApi.Commons.Crud;
-
-namespace CrupestApi.Secrets;
-
-public class SecretInfo
-{
- [Column(NotNull = true)]
- public string Key { get; set; } = default!;
- [Column(NotNull = true, Generated = true, NoUpdate = true, ActAsKey = true)]
- public string Secret { get; set; } = default!;
- [Column(DefaultEmptyForString = true)]
- public string Description { get; set; } = default!;
- [Column(NotNull = false)]
- public DateTime? ExpireTime { get; set; }
- [Column(NotNull = true)]
- public bool Revoked { get; set; }
- [Column(NotNull = true)]
- public DateTime CreateTime { get; set; }
-
- private static RandomNumberGenerator RandomNumberGenerator = RandomNumberGenerator.Create();
-
- private static string GenerateRandomKey(int length)
- {
- const string alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
- var result = new StringBuilder(length);
- lock (RandomNumberGenerator)
- {
- for (int i = 0; i < length; i++)
- {
- result.Append(alphanum[RandomNumberGenerator.GetInt32(alphanum.Length)]);
- }
- }
- return result.ToString();
- }
-
-
- public static string SecretDefaultValueGenerator()
- {
- return GenerateRandomKey(16);
- }
-
- public static DateTime CreateTimeDefaultValueGenerator()
- {
- return DateTime.UtcNow;
- }
-}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs
deleted file mode 100644
index f632c6d..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs
+++ /dev/null
@@ -1,37 +0,0 @@
-namespace CrupestApi.Secrets;
-
-public class SecretModifyRequest
-{
- public SecretModifyRequest()
- {
-
- }
-
- public SecretModifyRequest(string? key, string? description)
- {
- Key = key;
- Description = description;
- SetExpireTime = false;
- ExpireTime = null;
- }
-
- public SecretModifyRequest(string? key, string? description, DateTime? expireTime, bool revoked)
- {
- if (revoked is not true)
- {
- throw new ArgumentException("Revoked can only be set to true.");
- }
-
- Key = key;
- Description = description;
- SetExpireTime = true;
- ExpireTime = expireTime;
- Revoked = revoked;
- }
-
- public string? Key { get; set; }
- public string? Description { get; set; }
- public bool SetExpireTime { get; set; }
- public DateTime? ExpireTime { get; set; }
- public bool Revoked { get; set; }
-}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs
deleted file mode 100644
index ad082ee..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs
+++ /dev/null
@@ -1,18 +0,0 @@
-namespace CrupestApi.Secrets;
-
-public class SecretNotExistException : Exception
-{
- public SecretNotExistException(string requestSecret)
- : base($"Request secret {requestSecret} not found.")
- {
- RequestSecret = requestSecret;
- }
-
- public SecretNotExistException(string requestSecret, string message)
- : base(message)
- {
- RequestSecret = requestSecret;
- }
-
- public string RequestSecret { get; set; }
-}
\ No newline at end of file
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs
deleted file mode 100644
index ea659a9..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs
+++ /dev/null
@@ -1,6 +0,0 @@
-namespace CrupestApi.Secrets;
-
-public static class SecretsConstants
-{
- public const string SecretManagementKey = "crupest.secrets.management";
-}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs
new file mode 100644
index 0000000..e09887b
--- /dev/null
+++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs
@@ -0,0 +1,19 @@
+using CrupestApi.Commons.Secrets;
+using CrupestApi.Commons.Crud;
+
+namespace CrupestApi.Secrets;
+
+public static class SecretsExtensions
+{
+ public static IServiceCollection AddSecrets(this IServiceCollection services)
+ {
+ services.AddCrud<SecretInfo, SecretService>();
+ return services;
+ }
+
+ public static WebApplication MapSecrets(this WebApplication webApplication, string path = "/api/secrets")
+ {
+ webApplication.MapCrud<SecretInfo>(path, SecretsConstants.SecretManagementKey);
+ return webApplication;
+ }
+}
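Review bot: In `MapSecrets`, access control for every secrets route now rests entirely on the second argument to `MapCrud<SecretInfo>` (`SecretsConstants.SecretManagementKey`). Nothing in this file shows that the generic mapper checks that key on each route it registers, or that a failed check still becomes a 401/403 response now that `UseCatchVerifySecretException` is removed. The handlers this replaces called `CheckSecret` on each route and exposed only list, get, create and revoke, so if `MapCrud` also registers update or delete routes, the exposed surface is wider than before and worth confirming. I would document the contract on the method, for example `/// <summary>Maps the secrets CRUD endpoints under <paramref name="path"/>; every route requires the SecretManagementKey permission.</summary>`. I would also add a test asserting that a request without a valid management secret is rejected on each mapped route.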
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs
deleted file mode 100644
index 12d939b..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs
+++ /dev/null
@@ -1,95 +0,0 @@
-using CrupestApi.Commons;
-
-namespace CrupestApi.Secrets;
-
-public static class SecretsWebApplicationExtensions
-{
- public static WebApplication UseCatchVerifySecretException(this WebApplication app)
- {
- app.Use(async (context, next) =>
- {
- try
- {
- await next(context);
- }
- catch (VerifySecretException e)
- {
- await context.Response.WriteErrorMessageAsync(e.Message, e.Kind == VerifySecretException.ErrorKind.Unauthorized ? 401 : 403);
- }
- });
-
- return app;
- }
-
- public static async Task CheckSecret(this HttpContext context, string? key)
- {
- var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
- await secretsService.VerifySecretForHttpRequestAsync(context.Request, key);
- }
-
- public static WebApplication MapSecrets(this WebApplication app, string path)
- {
- app.MapGet(path, async (context) =>
- {
- await context.CheckSecret(SecretsConstants.SecretManagementKey);
- var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
- var secrets = secretsService.GetSecretListAsync();
- await context.Response.WriteJsonAsync(secrets);
- });
-
- app.MapGet(path + "/:secret", async (context) =>
- {
- await context.CheckSecret(SecretsConstants.SecretManagementKey);
- var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
- var secret = context.Request.RouteValues["secret"];
- if (secret is null)
- {
- await context.Response.WriteErrorMessageAsync("Secret path parameter is invalid.");
- return;
- }
- var secretInfo = secretsService.GetSecretAsync((string)secret);
- await context.Response.WriteJsonAsync(secretInfo);
- });
-
- app.MapPost(path, async (context) =>
- {
- await context.CheckSecret(SecretsConstants.SecretManagementKey);
- var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
- var request = await context.Request.ReadFromJsonAsync<SecretCreateRequest>();
- if (request is null)
- {
- await context.Response.WriteErrorMessageAsync("Failed to deserialize request body to SecretCreateRequest.");
- return;
- }
- var secret = await secretsService.CreateSecretAsync(request.Key, request.Description, request.ExpireTime);
- await context.Response.WriteJsonAsync(secret, 201, beforeWriteBody: (response) =>
- {
- response.Headers.Location = context.Request.Path + "/" + secret.Secret;
- });
- });
-
- app.MapPost(path + "/:secret/revoke", async (context) =>
- {
- await context.CheckSecret(SecretsConstants.SecretManagementKey);
- var secretsService = context.RequestServices.GetRequiredService<ISecretsService>();
- var secret = context.Request.RouteValues["secret"];
- if (secret is null)
- {
- await context.Response.WriteErrorMessageAsync("Secret path parameter is invalid.");
- return;
- }
-
- try
- {
- await secretsService.RevokeSecretAsync((string)secret);
- await context.Response.WriteMessageAsync("Secret revoked.");
- }
- catch (EntityNotExistException)
- {
- await context.Response.WriteErrorMessageAsync("Secret to revoke is invalid.");
- }
- });
-
- return app;
- }
-}
diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs
deleted file mode 100644
index 795fa3e..0000000
--- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-namespace CrupestApi.Secrets;
-
-public class VerifySecretException : Exception
-{
- public VerifySecretException(string? requestKey, string message, ErrorKind kind = ErrorKind.Unauthorized) : base(message)
- {
- RequestKey = requestKey;
- Kind = kind;
- }
-
- public enum ErrorKind
- {
- Unauthorized,
- Forbidden
- }
-
- public ErrorKind Kind { get; set; }
-
- public string? RequestKey { get; set; }
-}