From 88477dffdd0811a5613dba0aa1db4818bf4fd058 Mon Sep 17 00:00:00 2001 From: crupest Date: Mon, 19 Dec 2022 12:24:54 +0800 Subject: Develop secret api. v43 --- .../CrupestApi.Secrets/SecretCreateRequest.cs | 9 -- .../CrupestApi/CrupestApi.Secrets/SecretInfo.cs | 48 ----------- .../CrupestApi.Secrets/SecretModifyRequest.cs | 37 --------- .../CrupestApi.Secrets/SecretNotExistException.cs | 18 ---- .../CrupestApi.Secrets/SecretsConstants.cs | 6 -- .../CrupestApi.Secrets/SecretsExtensions.cs | 19 +++++ .../SecretsWebApplicationExtensions.cs | 95 ---------------------- .../CrupestApi.Secrets/VerifySecretException.cs | 20 ----- 8 files changed, 19 insertions(+), 233 deletions(-) delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs create mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs delete mode 100644 docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs (limited to 'docker/crupest-api/CrupestApi/CrupestApi.Secrets') diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs deleted file mode 100644 index 5d0ea51..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretCreateRequest.cs +++ /dev/null @@ -1,9 +0,0 @@ -namespace CrupestApi.Secrets; - -public class SecretCreateRequest -{ - public string Key { get; set; } = default!; - public string Secret { get; set; } = default!; - public string Description { get; set; } = default!; - public DateTime? ExpireTime { get; set; } -} \ No newline at end of file diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs deleted file mode 100644 index 3aacaa1..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretInfo.cs +++ /dev/null @@ -1,48 +0,0 @@ -using System.Security.Cryptography; -using System.Text; -using CrupestApi.Commons.Crud; - -namespace CrupestApi.Secrets; - -public class SecretInfo -{ - [Column(NotNull = true)] - public string Key { get; set; } = default!; - [Column(NotNull = true, Generated = true, NoUpdate = true, ActAsKey = true)] - public string Secret { get; set; } = default!; - [Column(DefaultEmptyForString = true)] - public string Description { get; set; } = default!; - [Column(NotNull = false)] - public DateTime? ExpireTime { get; set; } - [Column(NotNull = true)] - public bool Revoked { get; set; } - [Column(NotNull = true)] - public DateTime CreateTime { get; set; } - - private static RandomNumberGenerator RandomNumberGenerator = RandomNumberGenerator.Create(); - - private static string GenerateRandomKey(int length) - { - const string alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; - var result = new StringBuilder(length); - lock (RandomNumberGenerator) - { - for (int i = 0; i < length; i++) - { - result.Append(alphanum[RandomNumberGenerator.GetInt32(alphanum.Length)]); - } - } - return result.ToString(); - } - - - public static string SecretDefaultValueGenerator() - { - return GenerateRandomKey(16); - } - - public static DateTime CreateTimeDefaultValueGenerator() - { - return DateTime.UtcNow; - } -} diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs deleted file mode 100644 index f632c6d..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretModifyRequest.cs +++ /dev/null @@ -1,37 +0,0 @@ -namespace CrupestApi.Secrets; - -public class SecretModifyRequest -{ - public SecretModifyRequest() - { - - } - - public SecretModifyRequest(string? key, string? description) - { - Key = key; - Description = description; - SetExpireTime = false; - ExpireTime = null; - } - - public SecretModifyRequest(string? key, string? description, DateTime? expireTime, bool revoked) - { - if (revoked is not true) - { - throw new ArgumentException("Revoked can only be set to true."); - } - - Key = key; - Description = description; - SetExpireTime = true; - ExpireTime = expireTime; - Revoked = revoked; - } - - public string? Key { get; set; } - public string? Description { get; set; } - public bool SetExpireTime { get; set; } - public DateTime? ExpireTime { get; set; } - public bool Revoked { get; set; } -} diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs deleted file mode 100644 index ad082ee..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretNotExistException.cs +++ /dev/null @@ -1,18 +0,0 @@ -namespace CrupestApi.Secrets; - -public class SecretNotExistException : Exception -{ - public SecretNotExistException(string requestSecret) - : base($"Request secret {requestSecret} not found.") - { - RequestSecret = requestSecret; - } - - public SecretNotExistException(string requestSecret, string message) - : base(message) - { - RequestSecret = requestSecret; - } - - public string RequestSecret { get; set; } -} \ No newline at end of file diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs deleted file mode 100644 index ea659a9..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsConstants.cs +++ /dev/null @@ -1,6 +0,0 @@ -namespace CrupestApi.Secrets; - -public static class SecretsConstants -{ - public const string SecretManagementKey = "crupest.secrets.management"; -} diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs new file mode 100644 index 0000000..e09887b --- /dev/null +++ b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsExtensions.cs @@ -0,0 +1,19 @@ +using CrupestApi.Commons.Secrets; +using CrupestApi.Commons.Crud; + +namespace CrupestApi.Secrets; + +public static class SecretsExtensions +{ + public static IServiceCollection AddSecrets(this IServiceCollection services) + { + services.AddCrud(); + return services; + } + + public static WebApplication MapSecrets(this WebApplication webApplication, string path = "/api/secrets") + { + webApplication.MapCrud(path, SecretsConstants.SecretManagementKey); + return webApplication; + } +} diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs deleted file mode 100644 index 12d939b..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/SecretsWebApplicationExtensions.cs +++ /dev/null @@ -1,95 +0,0 @@ -using CrupestApi.Commons; - -namespace CrupestApi.Secrets; - -public static class SecretsWebApplicationExtensions -{ - public static WebApplication UseCatchVerifySecretException(this WebApplication app) - { - app.Use(async (context, next) => - { - try - { - await next(context); - } - catch (VerifySecretException e) - { - await context.Response.WriteErrorMessageAsync(e.Message, e.Kind == VerifySecretException.ErrorKind.Unauthorized ? 401 : 403); - } - }); - - return app; - } - - public static async Task CheckSecret(this HttpContext context, string? key) - { - var secretsService = context.RequestServices.GetRequiredService(); - await secretsService.VerifySecretForHttpRequestAsync(context.Request, key); - } - - public static WebApplication MapSecrets(this WebApplication app, string path) - { - app.MapGet(path, async (context) => - { - await context.CheckSecret(SecretsConstants.SecretManagementKey); - var secretsService = context.RequestServices.GetRequiredService(); - var secrets = secretsService.GetSecretListAsync(); - await context.Response.WriteJsonAsync(secrets); - }); - - app.MapGet(path + "/:secret", async (context) => - { - await context.CheckSecret(SecretsConstants.SecretManagementKey); - var secretsService = context.RequestServices.GetRequiredService(); - var secret = context.Request.RouteValues["secret"]; - if (secret is null) - { - await context.Response.WriteErrorMessageAsync("Secret path parameter is invalid."); - return; - } - var secretInfo = secretsService.GetSecretAsync((string)secret); - await context.Response.WriteJsonAsync(secretInfo); - }); - - app.MapPost(path, async (context) => - { - await context.CheckSecret(SecretsConstants.SecretManagementKey); - var secretsService = context.RequestServices.GetRequiredService(); - var request = await context.Request.ReadFromJsonAsync(); - if (request is null) - { - await context.Response.WriteErrorMessageAsync("Failed to deserialize request body to SecretCreateRequest."); - return; - } - var secret = await secretsService.CreateSecretAsync(request.Key, request.Description, request.ExpireTime); - await context.Response.WriteJsonAsync(secret, 201, beforeWriteBody: (response) => - { - response.Headers.Location = context.Request.Path + "/" + secret.Secret; - }); - }); - - app.MapPost(path + "/:secret/revoke", async (context) => - { - await context.CheckSecret(SecretsConstants.SecretManagementKey); - var secretsService = context.RequestServices.GetRequiredService(); - var secret = context.Request.RouteValues["secret"]; - if (secret is null) - { - await context.Response.WriteErrorMessageAsync("Secret path parameter is invalid."); - return; - } - - try - { - await secretsService.RevokeSecretAsync((string)secret); - await context.Response.WriteMessageAsync("Secret revoked."); - } - catch (EntityNotExistException) - { - await context.Response.WriteErrorMessageAsync("Secret to revoke is invalid."); - } - }); - - return app; - } -} diff --git a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs b/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs deleted file mode 100644 index 795fa3e..0000000 --- a/docker/crupest-api/CrupestApi/CrupestApi.Secrets/VerifySecretException.cs +++ /dev/null @@ -1,20 +0,0 @@ -namespace CrupestApi.Secrets; - -public class VerifySecretException : Exception -{ - public VerifySecretException(string? requestKey, string message, ErrorKind kind = ErrorKind.Unauthorized) : base(message) - { - RequestKey = requestKey; - Kind = kind; - } - - public enum ErrorKind - { - Unauthorized, - Forbidden - } - - public ErrorKind Kind { get; set; } - - public string? RequestKey { get; set; } -} -- cgit v1.2.3