authorivarlovlie <git@ivarlovlie.no>2022-06-30 01:04:48 +0200
committerivarlovlie <git@ivarlovlie.no>2022-06-30 01:04:48 +0200
commit6f16b7ca72899e2ae81f4669cdf1b10a43c692e7 (patch)
treed2b1e249a0a9e953316dac9bfbcd415eda893e92 /server
parenta19e31557f6ef33ed33d694968abe7416e878c60 (diff)
downloadgreatoffice-6f16b7ca72899e2ae81f4669cdf1b10a43c692e7.tar.xz
greatoffice-6f16b7ca72899e2ae81f4669cdf1b10a43c692e7.zip
latest from desktop
Diffstat (limited to 'server')
-rw-r--r--server/src/Jobs/TokenCleanupJob.cs5
-rw-r--r--server/src/Jobs/VaultTokenRenewalJob.cs15
-rw-r--r--server/src/Program.cs6
-rw-r--r--server/src/Services/VaultService.cs20
4 files changed, 33 insertions, 13 deletions
diff --git a/server/src/Jobs/TokenCleanupJob.cs b/server/src/Jobs/TokenCleanupJob.cs
index 3b042b3..fce40c9 100644
--- a/server/src/Jobs/TokenCleanupJob.cs
+++ b/server/src/Jobs/TokenCleanupJob.cs
@@ -13,9 +13,10 @@ public class TokenCleanupJob : IJob
}
public Task Execute(IJobExecutionContext context) {
- var staleTokens = _context.AccessTokens.Where(c => c.ExpiryDate < AppDateTime.UtcNow);
+ var staleTokens = _context.AccessTokens.Where(c => c.ExpiryDate < AppDateTime.UtcNow).ToList();
+ if (staleTokens.IsNullOrEmpty()) return Task.CompletedTask;
_logger.LogInformation("Removing {0} stale tokens", staleTokens.Count());
- _context.AccessTokens.RemoveRange();
+ _context.AccessTokens.RemoveRange(staleTokens);
return Task.CompletedTask;
}
}
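Review bot: `RemoveRange(staleTokens)` is never followed by a save, so `Execute` only marks the stale tokens for deletion. Assuming `_context` is an EF Core `DbContext`, the expired access tokens stay in the database after the job returns. Add `_context.SaveChanges();` after the `RemoveRange` call, or make the method `async` and await `SaveChangesAsync()`. Since the query is now materialised with `ToList()`, `staleTokens.Count` is enough in the log call. The class header and constructor lie outside the hunk.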
diff --git a/server/src/Jobs/VaultTokenRenewalJob.cs b/server/src/Jobs/VaultTokenRenewalJob.cs
new file mode 100644
index 0000000..fffbf7c
--- /dev/null
+++ b/server/src/Jobs/VaultTokenRenewalJob.cs
@@ -0,0 +1,15 @@
+using Quartz;
+
+namespace IOL.GreatOffice.Api.Jobs;
+
+public class VaultTokenRenewalJob : IJob
+{
+ private readonly ILogger<VaultTokenRenewalJob> _logger;
+ public VaultTokenRenewalJob(ILogger<VaultTokenRenewalJob> logger) {
+ _logger = logger;
+ }
+
+ public Task Execute(IJobExecutionContext context) {
+ return Task.CompletedTask;
+ }
+}
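Review bot: `Execute` returns `Task.CompletedTask` without doing anything, so a job named for Vault token renewal renews nothing, and the injected `_logger` is unused. If this job is scheduled (its registration is not visible here) and the token from `VAULT_TOKEN` has a TTL, the token would still expire while the schedule suggests it is being renewed. Until the renewal call exists, mark the stub explicitly, e.g. `_logger.LogWarning("Vault token renewal is not implemented");` with a `// TODO` comment, or leave the job unregistered.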
diff --git a/server/src/Program.cs b/server/src/Program.cs
index b7e6ce6..d7bbf9f 100644
--- a/server/src/Program.cs
+++ b/server/src/Program.cs
@@ -38,6 +38,7 @@ global using IOL.GreatOffice.Api.Data.Static;
global using IOL.GreatOffice.Api.Services;
global using IOL.GreatOffice.Api.Utilities;
using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
using IOL.GreatOffice.Api.Endpoints.V1;
using IOL.GreatOffice.Api.Jobs;
using Microsoft.AspNetCore.HttpOverrides;
@@ -89,7 +90,10 @@ public static class Program
});
}
- builder.Services.AddDataProtection().PersistKeysToDbContext<AppDbContext>();
+ builder.Services
+ .AddDataProtection()
+ .PersistKeysToDbContext<AppDbContext>()
+ .ProtectKeysWithCertificate(vaultService.Get<X509Certificate2>(""));
builder.Services.Configure(JsonSettings.Default);
builder.Services.AddQuartz(options => {
options.UsePersistentStore(o => {
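Review bot: The certificate lookup `vaultService.Get<X509Certificate2>("")` passes an empty secret path and uses the result unchecked. Judging from VaultService.cs in this commit, `Get` requests `"/v1/kv/data/" + path` and returns `default` when the response is null, and `X509Certificate2` is unlikely to bind from a JSON payload, so key protection probably receives a null or unusable certificate. Fetch the PFX as a string from a named path, build the certificate explicitly, and fail startup with a clear message when it is missing, e.g. `?? throw new ApplicationException("data protection certificate not found")`. `Get` also keeps what it returns in the memory cache for `CACHE_TTL`, which deserves a deliberate decision for private-key material. The surrounding method starts and ends outside the hunk.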
diff --git a/server/src/Services/VaultService.cs b/server/src/Services/VaultService.cs
index 6034586..f6d0ad8 100644
--- a/server/src/Services/VaultService.cs
+++ b/server/src/Services/VaultService.cs
@@ -15,7 +15,7 @@ public class VaultService
CACHE_TTL = configuration.GetValue(AppEnvironmentVariables.VAULT_CACHE_TTL, 60 * 60 * 12);
if (token.IsNullOrWhiteSpace()) throw new ApplicationException("VAULT_TOKEN is empty");
if (vaultUrl.IsNullOrWhiteSpace()) throw new ApplicationException("VAULT_URL is empty");
- client.DefaultRequestHeaders.Add(AppHeaders.VAULT_TOKEN, token);
+ client.DefaultRequestHeaders.Add("X-Vault-Token", token);
client.BaseAddress = new Uri(vaultUrl);
_client = client;
_cache = cache;
@@ -29,17 +29,17 @@ public class VaultService
cacheEntry => {
cacheEntry.AbsoluteExpirationRelativeToNow = TimeSpan.FromSeconds(CACHE_TTL);
var getSecretResponse = _client.GetFromJsonAsync<GetSecretResponse<T>>("/v1/kv/data/" + path).Result;
- if (getSecretResponse != null) {
- Log.Debug("Setting new Vault cache, "
- + new {
- PATH = path,
- CACHE_TTL,
- Data = JsonSerializer.Serialize(getSecretResponse.Data.Data)
- });
- return getSecretResponse.Data.Data ?? default;
+ if (getSecretResponse == null) {
+ return default;
}
- return default;
+ Log.Debug("Setting new Vault cache, "
+ + new {
+ PATH = path,
+ CACHE_TTL,
+ Data = JsonSerializer.Serialize(getSecretResponse.Data.Data)
+ });
+ return getSecretResponse.Data.Data ?? default;
});
}
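Review bot: The `Log.Debug` call still writes the secret itself to the log: `Data = JsonSerializer.Serialize(getSecretResponse.Data.Data)` serialises whatever Vault returned, so every fetched secret ends up in debug output. Log only metadata instead, `Log.Debug("Setting new Vault cache, " + new { PATH = path, CACHE_TTL });`. The new guard checks `getSecretResponse` only, so a response whose `Data` is null would still throw on `getSecretResponse.Data.Data`; `if (getSecretResponse?.Data == null) return default;` covers both cases. The enclosing method begins outside the hunk.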