Use dotnet ef configuration provider for secrets

2025-07-09 03:04:20 -04:00 · 2024-04-23 17:13:59 +02:00 · 2024-04-23 17:13:59 +02:00 · e898f49402
commit e898f49402
parent 9b486c0c55
7 changed files with 49 additions and 19 deletions
--- a/back/src/Kyoo.Authentication/AuthenticationModule.cs
+++ b/back/src/Kyoo.Authentication/AuthenticationModule.cs
@ -36,10 +36,6 @@ public static class AuthenticationModule
 {
 	public static void ConfigureAuthentication(this WebApplicationBuilder builder)
 	{
-		string secret = builder.Configuration.GetValue(
-			"AUTHENTICATION_SECRET",
-			AuthenticationOption.DefaultSecret
-		)!;
 		PermissionOption options =
 			new()
 			{
@ -114,9 +110,8 @@ public static class AuthenticationModule
 					),
 			};
 		builder.Services.AddSingleton(options);
-		builder.Services.AddSingleton(
-			new AuthenticationOption() { Secret = secret, Permissions = options, }
-		);
+		var secret = builder.Configuration.GetValue<byte[]>("AUTHENTICATION_SECRET")!;
+		builder.Services.AddSingleton(new AuthenticationOption() { Secret = secret });

 		builder
 			.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
@ -145,7 +140,7 @@ public static class AuthenticationModule
 					ValidateAudience = false,
 					ValidateLifetime = true,
 					ValidateIssuerSigningKey = true,
-					IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret))
+					IssuerSigningKey = new SymmetricSecurityKey(secret)
 				};
 			});

--- a/back/src/Kyoo.Authentication/Controllers/TokenController.cs
+++ b/back/src/Kyoo.Authentication/Controllers/TokenController.cs
@ -28,7 +28,7 @@ using Microsoft.IdentityModel.Tokens;

 namespace Kyoo.Authentication;

-public class TokenController(ServerOptions options) : ITokenController
+public class TokenController(AuthenticationOption options) : ITokenController
 {
 	/// <inheritdoc />
 	public string CreateAccessToken(User user, out TimeSpan expireIn)
--- a/back/src/Kyoo.Authentication/Models/Options/AuthenticationOption.cs
+++ b/back/src/Kyoo.Authentication/Models/Options/AuthenticationOption.cs
@ -16,9 +16,9 @@
 // You should have received a copy of the GNU General Public License
 // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.

-namespace Kyoo.Abstractions.Models;
+namespace Kyoo.Authentication.Models;

-public class ServerOptions
+public class AuthenticationOption
 {
-	public byte[] Secret { get; }
+	public byte[] Secret { get; set; }
 }
--- a/back/src/Kyoo.Core/CoreModule.cs
+++ b/back/src/Kyoo.Core/CoreModule.cs
@ -66,11 +66,5 @@ public static class CoreModule
 		builder.Services.AddScoped<IIssueRepository, IssueRepository>();
 		builder.Services.AddScoped<SqlVariableContext>();
 		builder.Services.AddScoped<MiscRepository>();
-
-		builder.Services.AddSingleton<ServerOptions>(x => {
-			using var scope = x.CreateScope();
-			var db = scope.ServiceProvider.GetRequiredService<DatabaseContext>();
-			return db.Set<ServerOptions>().Single();
-		});
 	}
 }
--- a/back/src/Kyoo.Postgresql/DatabaseContext.cs
+++ b/back/src/Kyoo.Postgresql/DatabaseContext.cs
@ -66,7 +66,8 @@ public abstract class DatabaseContext : DbContext
 	public DbSet<EpisodeWatchStatus> EpisodeWatchStatus { get; set; }

 	public DbSet<Issue> Issues { get; set; }
-	public DbSet<ServerOptions> Options { get; set; }
+
+	public DbSet<ServerOption> Options { get; set; }

 	/// <summary>
 	/// Add a many to many link between two resources.
@ -354,6 +355,8 @@ public abstract class DatabaseContext : DbContext
 		_HasJson<User, string>(modelBuilder, x => x.Settings);
 		_HasJson<User, ExternalToken>(modelBuilder, x => x.ExternalId);
 		_HasJson<Issue, object>(modelBuilder, x => x.Extra);
+
+		modelBuilder.Entity<ServerOption>().HasKey(x => x.Key);
 	}

 	public override int SaveChanges()
--- a/back/src/Kyoo.Postgresql/DbConfigurationProvider.cs
+++ b/back/src/Kyoo.Postgresql/DbConfigurationProvider.cs
@ -0,0 +1,28 @@
+using System;
+using System.Linq;
+using Kyoo.Postgresql;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Configuration;
+
+public class DbConfigurationProvider(Action<DbContextOptionsBuilder> action) : ConfigurationProvider
+{
+	public override void Load()
+	{
+		DbContextOptionsBuilder<PostgresContext> builder = new();
+		action(builder);
+		using var context = new PostgresContext(builder.Options, null!);
+		Data = context.Options.ToDictionary(c => c.Key, c => c.Value)!;
+	}
+}
+
+public class DbConfigurationSource(Action<DbContextOptionsBuilder> action) : IConfigurationSource
+{
+	public IConfigurationProvider Build(IConfigurationBuilder builder) =>
+		new DbConfigurationProvider(action);
+}
+
+public class ServerOption
+{
+	public string Key { get; set; }
+	public string Value { get; set; }
+}
--- a/back/src/Kyoo.Postgresql/PostgresModule.cs
+++ b/back/src/Kyoo.Postgresql/PostgresModule.cs
@ -16,6 +16,7 @@
 // You should have received a copy of the GNU General Public License
 // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.

+using System;
 using System.Data.Common;
 using Kyoo.Abstractions.Models;
 using Microsoft.AspNetCore.Builder;
@ -69,5 +70,14 @@ public static class PostgresModule
 		);

 		builder.Services.AddHealthChecks().AddDbContextCheck<DatabaseContext>();
+		builder.Configuration.AddDbConfigurationProvider(x => x.UseNpgsql(dataSource));
+	}
+
+	private static void AddDbConfigurationProvider(
+		this IConfigurationBuilder builder,
+		Action<DbContextOptionsBuilder> action
+	)
+	{
+		builder.Add(new DbConfigurationSource(action));
 	}
 }