Use dotnet ef configuration provider for secrets

Zoe Roux 2024-04-23 17:13:59 +02:00
parent 9b486c0c55
commit e898f49402
No known key found for this signature in database
7 changed files with 49 additions and 19 deletions


@ -36,10 +36,6 @@ public static class AuthenticationModule
{ {
public static void ConfigureAuthentication(this WebApplicationBuilder builder) public static void ConfigureAuthentication(this WebApplicationBuilder builder)
{ {
string secret = builder.Configuration.GetValue(
"AUTHENTICATION_SECRET",
AuthenticationOption.DefaultSecret
)!;
PermissionOption options = PermissionOption options =
new() new()
{ {
@ -114,9 +110,8 @@ public static class AuthenticationModule
), ),
}; };
builder.Services.AddSingleton(options); builder.Services.AddSingleton(options);
builder.Services.AddSingleton( var secret = builder.Configuration.GetValue<byte[]>("AUTHENTICATION_SECRET")!;
new AuthenticationOption() { Secret = secret, Permissions = options, } builder.Services.AddSingleton(new AuthenticationOption() { Secret = secret });
);
builder builder
.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
@ -145,7 +140,7 @@ public static class AuthenticationModule
ValidateAudience = false, ValidateAudience = false,
ValidateLifetime = true, ValidateLifetime = true,
ValidateIssuerSigningKey = true, ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)) IssuerSigningKey = new SymmetricSecurityKey(secret)
}; };
}); });
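Review bot: `GetValue<byte[]>("AUTHENTICATION_SECRET")!` returns null when the key is absent and the `!` only silences the compiler, so a missing secret is not reported here but later, when `new SymmetricSecurityKey(secret)` runs inside the JWT bearer options callback. Removing the default-secret fallback is the right direction, but it makes a fail-fast check necessary: `byte[] secret = builder.Configuration.GetValue<byte[]>("AUTHENTICATION_SECRET") ?? throw new InvalidOperationException("AUTHENTICATION_SECRET is not configured");`. The configuration binder decodes `byte[]` from Base64, so the stored value must be valid Base64, and a minimum-length check belongs next to the null check (for example 32 bytes if tokens are signed with HMAC-SHA256, which these hunks do not show). The lookup also presumes the database configuration source is registered before ConfigureAuthentication is called; that ordering is outside this section and should be confirmed. ConfigureAuthentication's body continues outside the hunks shown.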


@ -28,7 +28,7 @@ using Microsoft.IdentityModel.Tokens;
namespace Kyoo.Authentication; namespace Kyoo.Authentication;
public class TokenController(ServerOptions options) : ITokenController public class TokenController(AuthenticationOption options) : ITokenController
{ {
/// <inheritdoc /> /// <inheritdoc />
public string CreateAccessToken(User user, out TimeSpan expireIn) public string CreateAccessToken(User user, out TimeSpan expireIn)


@ -16,9 +16,9 @@
// You should have received a copy of the GNU General Public License // You should have received a copy of the GNU General Public License
// along with Kyoo. If not, see <https://www.gnu.org/licenses/>. // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.
namespace Kyoo.Abstractions.Models; namespace Kyoo.Authentication.Models;
public class ServerOptions public class AuthenticationOption
{ {
public byte[] Secret { get; } public byte[] Secret { get; set; }
} }
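Review bot: `public byte[] Secret { get; set; }` turns the previously read-only signing key into a property that any holder of the singleton can reassign after registration. The object initializer in AuthenticationModule only needs an init accessor, so `public required byte[] Secret { get; init; }` keeps that call site working while preventing later replacement and forcing every construction to supply a key. A short `/// <summary>` stating that this is the raw symmetric key used to sign and validate JWTs, and that it must never be logged or serialized, would also help the next reader.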


@ -66,11 +66,5 @@ public static class CoreModule
builder.Services.AddScoped<IIssueRepository, IssueRepository>(); builder.Services.AddScoped<IIssueRepository, IssueRepository>();
builder.Services.AddScoped<SqlVariableContext>(); builder.Services.AddScoped<SqlVariableContext>();
builder.Services.AddScoped<MiscRepository>(); builder.Services.AddScoped<MiscRepository>();
builder.Services.AddSingleton<ServerOptions>(x => {
using var scope = x.CreateScope();
var db = scope.ServiceProvider.GetRequiredService<DatabaseContext>();
return db.Set<ServerOptions>().Single();
});
} }
} }


@ -66,7 +66,8 @@ public abstract class DatabaseContext : DbContext
public DbSet<EpisodeWatchStatus> EpisodeWatchStatus { get; set; } public DbSet<EpisodeWatchStatus> EpisodeWatchStatus { get; set; }
public DbSet<Issue> Issues { get; set; } public DbSet<Issue> Issues { get; set; }
public DbSet<ServerOptions> Options { get; set; }
public DbSet<ServerOption> Options { get; set; }
/// <summary> /// <summary>
/// Add a many to many link between two resources. /// Add a many to many link between two resources.
@ -354,6 +355,8 @@ public abstract class DatabaseContext : DbContext
_HasJson<User, string>(modelBuilder, x => x.Settings); _HasJson<User, string>(modelBuilder, x => x.Settings);
_HasJson<User, ExternalToken>(modelBuilder, x => x.ExternalId); _HasJson<User, ExternalToken>(modelBuilder, x => x.ExternalId);
_HasJson<Issue, object>(modelBuilder, x => x.Extra); _HasJson<Issue, object>(modelBuilder, x => x.Extra);
modelBuilder.Entity<ServerOption>().HasKey(x => x.Key);
} }
public override int SaveChanges() public override int SaveChanges()
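Review bot: The `Options` set changes its entity from `ServerOptions` (a single `Secret` byte array) to `ServerOption` (string `Key`/`Value` with `HasKey(x => x.Key)`), but none of the seven files in this commit is a migration. Unless the schema change lands in another commit, an existing database will keep the old table shape and the startup query in DbConfigurationProvider.Load will fail against it. It is also unclear from this section how the existing secret is carried over; if it is regenerated, every previously issued token becomes invalid, which deserves a line in the commit description.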


@ -0,0 +1,28 @@
using System;
using System.Linq;
using Kyoo.Postgresql;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
public class DbConfigurationProvider(Action<DbContextOptionsBuilder> action) : ConfigurationProvider
{
public override void Load()
{
DbContextOptionsBuilder<PostgresContext> builder = new();
action(builder);
using var context = new PostgresContext(builder.Options, null!);
Data = context.Options.ToDictionary(c => c.Key, c => c.Value)!;
}
}
public class DbConfigurationSource(Action<DbContextOptionsBuilder> action) : IConfigurationSource
{
public IConfigurationProvider Build(IConfigurationBuilder builder) =>
new DbConfigurationProvider(action);
}
public class ServerOption
{
public string Key { get; set; }
public string Value { get; set; }
}
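Review bot: `Data = context.Options.ToDictionary(c => c.Key, c => c.Value)!;` in Load replaces the provider's dictionary, which ConfigurationProvider creates with `StringComparer.OrdinalIgnoreCase`, with a case-sensitive one, so a row stored as `authentication_secret` would not be found by the `AUTHENTICATION_SECRET` lookup. Passing the comparer fixes this and removes the need for the trailing `!`: `Data = context.Options.ToDictionary(c => c.Key, c => (string?)c.Value, StringComparer.OrdinalIgnoreCase);`. The `null!` passed as the second PostgresContext constructor argument should have a comment saying why it is safe for this read-only query, since the constructor is not visible here. The three new types also have no namespace and no XML documentation.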


@ -16,6 +16,7 @@
// You should have received a copy of the GNU General Public License // You should have received a copy of the GNU General Public License
// along with Kyoo. If not, see <https://www.gnu.org/licenses/>. // along with Kyoo. If not, see <https://www.gnu.org/licenses/>.
using System;
using System.Data.Common; using System.Data.Common;
using Kyoo.Abstractions.Models; using Kyoo.Abstractions.Models;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
@ -69,5 +70,14 @@ public static class PostgresModule
); );
builder.Services.AddHealthChecks().AddDbContextCheck<DatabaseContext>(); builder.Services.AddHealthChecks().AddDbContextCheck<DatabaseContext>();
builder.Configuration.AddDbConfigurationProvider(x => x.UseNpgsql(dataSource));
}
private static void AddDbConfigurationProvider(
this IConfigurationBuilder builder,
Action<DbContextOptionsBuilder> action
)
{
builder.Add(new DbConfigurationSource(action));
} }
} }
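Review bot: `builder.Configuration.AddDbConfigurationProvider(...)` appends the database source after whatever providers are already registered, so any row in the options table overrides the same key from earlier sources such as environment variables (assuming the usual WebApplicationBuilder defaults, which are not shown here). Because Load copies every row, write access to that one table is enough to change any configuration key, including the JWT signing secret. Consider loading only an explicit list of keys or a dedicated key prefix, and add a comment above this call stating that the database is now a trusted configuration source. The database must also be reachable and migrated by the time this line runs, otherwise configuration loading will throw during startup.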