Use dotnet ef configuration provider for secrets

2025-07-09 03:04:20 -04:00 · 2024-04-23 17:13:59 +02:00 · 2024-04-23 17:13:59 +02:00 · e898f49402
commit e898f49402
parent 9b486c0c55
7 changed files with 49 additions and 19 deletions
--- a/back/src/Kyoo.Authentication/AuthenticationModule.cs
+++ b/back/src/Kyoo.Authentication/AuthenticationModule.cs
@ -36,10 +36,6 @@ public static class AuthenticationModule
 {
 	public static void ConfigureAuthentication(this WebApplicationBuilder builder)
 	{
 		string secret = builder.Configuration.GetValue(
 			"AUTHENTICATION_SECRET",
 			AuthenticationOption.DefaultSecret
 		)!;
 		PermissionOption options =
 			new()
 			{
@ -114,9 +110,8 @@ public static class AuthenticationModule
 					),
 			};
 		builder.Services.AddSingleton(options);
-		builder.Services.AddSingleton(
+		var secret = builder.Configuration.GetValue<byte[]>("AUTHENTICATION_SECRET")!;
-			new AuthenticationOption() { Secret = secret, Permissions = options, }
+		builder.Services.AddSingleton(new AuthenticationOption() { Secret = secret });
 		);
 		builder
 			.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
@ -145,7 +140,7 @@ public static class AuthenticationModule
 					ValidateAudience = false,
 					ValidateLifetime = true,
 					ValidateIssuerSigningKey = true,
-					IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret))
+					IssuerSigningKey = new SymmetricSecurityKey(secret)
 				};
 			});
--- a/back/src/Kyoo.Authentication/Controllers/TokenController.cs
+++ b/back/src/Kyoo.Authentication/Controllers/TokenController.cs
@ -28,7 +28,7 @@ using Microsoft.IdentityModel.Tokens;
 namespace Kyoo.Authentication;
-public class TokenController(ServerOptions options) : ITokenController
+public class TokenController(AuthenticationOption options) : ITokenController
 {
 	/// <inheritdoc />
 	public string CreateAccessToken(User user, out TimeSpan expireIn)
--- a/back/src/Kyoo.Authentication/Models/Options/AuthenticationOption.cs
+++ b/back/src/Kyoo.Authentication/Models/Options/AuthenticationOption.cs
@ -16,9 +16,9 @@
 // You should have received a copy of the GNU General Public License
 // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.
-namespace Kyoo.Abstractions.Models;
+namespace Kyoo.Authentication.Models;
-public class ServerOptions
+public class AuthenticationOption
 {
-	public byte[] Secret { get; }
+	public byte[] Secret { get; set; }
 }
--- a/back/src/Kyoo.Core/CoreModule.cs
+++ b/back/src/Kyoo.Core/CoreModule.cs
@ -66,11 +66,5 @@ public static class CoreModule
 		builder.Services.AddScoped<IIssueRepository, IssueRepository>();
 		builder.Services.AddScoped<SqlVariableContext>();
 		builder.Services.AddScoped<MiscRepository>();
 		builder.Services.AddSingleton<ServerOptions>(x => {
 			using var scope = x.CreateScope();
 			var db = scope.ServiceProvider.GetRequiredService<DatabaseContext>();
 			return db.Set<ServerOptions>().Single();
 		});
 	}
 }
--- a/back/src/Kyoo.Postgresql/DatabaseContext.cs
+++ b/back/src/Kyoo.Postgresql/DatabaseContext.cs
@ -66,7 +66,8 @@ public abstract class DatabaseContext : DbContext
 	public DbSet<EpisodeWatchStatus> EpisodeWatchStatus { get; set; }
 	public DbSet<Issue> Issues { get; set; }
-	public DbSet<ServerOptions> Options { get; set; }
+
 	public DbSet<ServerOption> Options { get; set; }
 	/// <summary>
 	/// Add a many to many link between two resources.
@ -354,6 +355,8 @@ public abstract class DatabaseContext : DbContext
 		_HasJson<User, string>(modelBuilder, x => x.Settings);
 		_HasJson<User, ExternalToken>(modelBuilder, x => x.ExternalId);
 		_HasJson<Issue, object>(modelBuilder, x => x.Extra);
 		modelBuilder.Entity<ServerOption>().HasKey(x => x.Key);
 	}
 	public override int SaveChanges()
--- a/back/src/Kyoo.Postgresql/DbConfigurationProvider.cs
+++ b/back/src/Kyoo.Postgresql/DbConfigurationProvider.cs
@ -0,0 +1,28 @@
 using System;
 using System.Linq;
 using Kyoo.Postgresql;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 public class DbConfigurationProvider(Action<DbContextOptionsBuilder> action) : ConfigurationProvider
 {
 	public override void Load()
 	{
 		DbContextOptionsBuilder<PostgresContext> builder = new();
 		action(builder);
 		using var context = new PostgresContext(builder.Options, null!);
 		Data = context.Options.ToDictionary(c => c.Key, c => c.Value)!;
 	}
 }
 public class DbConfigurationSource(Action<DbContextOptionsBuilder> action) : IConfigurationSource
 {
 	public IConfigurationProvider Build(IConfigurationBuilder builder) =>
 		new DbConfigurationProvider(action);
 }
 public class ServerOption
 {
 	public string Key { get; set; }
 	public string Value { get; set; }
 }
--- a/back/src/Kyoo.Postgresql/PostgresModule.cs
+++ b/back/src/Kyoo.Postgresql/PostgresModule.cs
@ -16,6 +16,7 @@
 // You should have received a copy of the GNU General Public License
 // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.
 using System;
 using System.Data.Common;
 using Kyoo.Abstractions.Models;
 using Microsoft.AspNetCore.Builder;
@ -69,5 +70,14 @@ public static class PostgresModule
 		);
 		builder.Services.AddHealthChecks().AddDbContextCheck<DatabaseContext>();
 		builder.Configuration.AddDbConfigurationProvider(x => x.UseNpgsql(dataSource));
 	}
 	private static void AddDbConfigurationProvider(
 		this IConfigurationBuilder builder,
 		Action<DbContextOptionsBuilder> action
 	)
 	{
 		builder.Add(new DbConfigurationSource(action));
 	}
 }