From cf9597de850de1ef721a35ad79ac67b9fdb9e1d4 Mon Sep 17 00:00:00 2001 From: ivarlovlie Date: Sat, 4 Jun 2022 21:05:47 +0200 Subject: refactor: Use Vault to get configuration --- server/src/Services/ForgotPasswordService.cs | 14 ++--- server/src/Services/MailService.cs | 12 +++-- server/src/Services/VaultService.cs | 80 ++++++++++++++++++++++++++++ 3 files changed, 95 insertions(+), 11 deletions(-) create mode 100644 server/src/Services/VaultService.cs (limited to 'server/src/Services') diff --git a/server/src/Services/ForgotPasswordService.cs b/server/src/Services/ForgotPasswordService.cs index de38b29..e6b6acf 100644 --- a/server/src/Services/ForgotPasswordService.cs +++ b/server/src/Services/ForgotPasswordService.cs @@ -1,16 +1,18 @@ +using Microsoft.Extensions.Options; + namespace IOL.GreatOffice.Api.Services; public class ForgotPasswordService { private readonly AppDbContext _context; private readonly MailService _mailService; - private readonly IConfiguration _configuration; + private readonly IOptions _configuration; private readonly ILogger _logger; public ForgotPasswordService( AppDbContext context, - IConfiguration configuration, + IOptions configuration, ILogger logger, MailService mailService ) { 
@@ -57,9 +59,9 @@ public class ForgotPasswordService var request = new ForgotPasswordRequest(user); _context.ForgotPasswordRequests.Add(request); await _context.SaveChangesAsync(cancellationToken); - var accountsUrl = _configuration.GetValue(AppEnvironmentVariables.ACCOUNTS_URL); - var emailFromAddress = _configuration.GetValue(AppEnvironmentVariables.EMAIL_FROM_ADDRESS); - var emailFromDisplayName = _configuration.GetValue(AppEnvironmentVariables.EMAIL_FROM_DISPLAY_NAME); + var portalUrl = _configuration.Value.PORTAL_URL; + var emailFromAddress = _configuration.Value.EMAIL_FROM_ADDRESS; + var emailFromDisplayName = _configuration.Value.EMAIL_FROM_DISPLAY_NAME; var zonedExpirationDate = TimeZoneInfo.ConvertTimeBySystemTimeZoneId(request.ExpirationDate, requestTz.Id); var message = new MailMessage { From = new MailAddress(emailFromAddress, emailFromDisplayName), @@ -72,7 +74,7 @@ Hi {user.Username} Go to the following link to set a new password. -{accountsUrl}/#/reset-password?id={request.Id} +{portalUrl}/#/reset-password?id={request.Id} The link expires at {zonedExpirationDate:yyyy-MM-dd hh:mm}. If you did not request a password reset, no action is required. diff --git a/server/src/Services/MailService.cs b/server/src/Services/MailService.cs index b271de4..d773303 100644 --- a/server/src/Services/MailService.cs +++ b/server/src/Services/MailService.cs @@ -1,3 +1,5 @@ +using Microsoft.Extensions.Options; + namespace IOL.GreatOffice.Api.Services; public class MailService 
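Review bot: `portalUrl` goes into the reset link (the `{portalUrl}/#/reset-password?id={request.Id}` line in the next hunk) with no check that `_configuration.Value.PORTAL_URL` is a non-empty absolute https URL. A missing or mistyped Vault value therefore mails a link that is relative or plain HTTP, and this happens after the request row has already been saved. Validate it before `_context.ForgotPasswordRequests.Add(request)`, for example `if (!Uri.TryCreate(portalUrl, UriKind.Absolute, out var portal) || portal.Scheme != Uri.UriSchemeHttps) throw new ApplicationException("PORTAL_URL is not an absolute https URL");`. Since the setting changed from `ACCOUNTS_URL` to `PORTAL_URL`, it is also worth confirming that the portal host serves the `#/reset-password` route. The method body starts and ends outside this hunk.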
@@ -13,12 +15,12 @@ public class MailService /// /// /// - public MailService(IConfiguration configuration, ILogger logger) { + public MailService(IOptions configuration, ILogger logger) { _logger = logger; - _emailHost = configuration.GetValue(AppEnvironmentVariables.SMTP_HOST); - _emailPort = configuration.GetValue(AppEnvironmentVariables.SMTP_PORT); - _emailUser = configuration.GetValue(AppEnvironmentVariables.SMTP_USER); - _emailPassword = configuration.GetValue(AppEnvironmentVariables.SMTP_PASSWORD); + _emailHost = configuration.Value.SMTP_HOST; + _emailPort = Convert.ToInt32(configuration.Value.SMTP_PORT); + _emailUser = configuration.Value.SMTP_USER; + _emailPassword = configuration.Value.SMTP_PASSWORD; } /// diff --git a/server/src/Services/VaultService.cs b/server/src/Services/VaultService.cs new file mode 100644 index 0000000..388f8d4 --- /dev/null +++ b/server/src/Services/VaultService.cs 
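Review bot: `Convert.ToInt32(configuration.Value.SMTP_PORT)` turns a missing value into port 0 instead of an error (assuming `SMTP_PORT` is a string, which the conversion suggests) and throws an unlabelled `FormatException` from the constructor on anything non-numeric. Parse explicitly and name the setting in the failure: `if (!int.TryParse(configuration.Value.SMTP_PORT, NumberStyles.None, CultureInfo.InvariantCulture, out var port) || port is < 1 or > 65535) throw new ApplicationException("SMTP_PORT is not a valid port");` followed by `_emailPort = port;`. The same constructor copies `SMTP_USER` and `SMTP_PASSWORD` into fields once, so if the service is long-lived a credential rotated in Vault would presumably not be picked up until restart; the service lifetime is not visible here.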
@@ -0,0 +1,80 @@
+namespace IOL.GreatOffice.Api.Services;
+
+public class VaultService
+{
+ private readonly HttpClient _client;
+
+ public VaultService(HttpClient client, IConfiguration configuration) {
+ var token = configuration.GetValue("VAULT_TOKEN");
+ var vaultUrl = configuration.GetValue("VAULT_URL");
+ if (token.IsNullOrWhiteSpace()) throw new ApplicationException("VAULT_TOKEN is empty");
+ if (vaultUrl.IsNullOrWhiteSpace()) throw new ApplicationException("VAULT_URL is empty");
+ client.DefaultRequestHeaders.Add("X-Vault-Token", token);
+ client.BaseAddress = new Uri(vaultUrl);
+ _client = client;
+ }
+
+ public async Task> GetSecretAsync(string path) {
+ return await _client.GetFromJsonAsync>("/v1/kv/data/" + path);
+ }
+
+ public async Task RenewTokenAsync(string token) {
+ var response = await _client.PostAsJsonAsync("v1/auth/token/renew",
+ new {
+ Token = token
+ });
+ if (response.IsSuccessStatusCode) {
+ return await response.Content.ReadFromJsonAsync();
+ }
+
+ return default;
+ }
+
+ public class RenewTokenResponse
+ {
+ public Guid RequestId { get; set; }
+ public string LeaseId { get; set; }
+ public bool Renewable { get; set; }
+ public long LeaseDuration { get; set; }
+ public object Data { get; set; }
+ public object WrapInfo { get; set; }
+ public List Warnings { get; set; }
+ public Auth Auth { get; set; }
+ }
+
+ public class Auth
+ {
+ public string ClientToken { get; set; }
+ public string Accessor { get; set; }
+ public List Policies { get; set; }
+ public List TokenPolicies { get; set; }
+ public object Metadata { get; set; }
+ public long LeaseDuration { get; set; }
+ public bool Renewable { get; set; }
+ public string EntityId { get; set; }
+ public string TokenType { get; set; }
+ public bool Orphan { get; set; }
+ public object MfaRequirement { get; set; }
+ public long NumUses { get; set; }
+ }
+
+ public class GetSecretResponse
+ {
+ public VaultSecret Data { get; set; }
+ }
+
+ public class VaultSecret
+ {
+ public T Data { get; set; }
+ public VaultSecretMetadata Metadata { get; set; }
+ }
+
+ public class VaultSecretMetadata
+ {
+ public DateTimeOffset CreatedTime { get; set; }
+ public object CustomMetadata { get; set; }
+ public string DeletionTime { get; set; }
+ public bool Destroyed { get; set; }
+ public long Version { get; set; }
+ }
+}
-- cgit v1.3
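Review bot: The constructor attaches `X-Vault-Token` as a default header and then accepts any non-empty `VAULT_URL`, so an `http://` or mistyped value sends the token in cleartext or to an unintended host. Require an absolute https URI before setting `BaseAddress`, as in the fence below, and allow loopback explicitly if local development runs Vault without TLS. `GetSecretAsync` appends `path` to `/v1/kv/data/` unescaped, and because `Uri` collapses `..` segments, any caller passing a non-constant path (callers are not visible here) could address other endpoints under the same token; reject `..`, `?` and `#` or escape each segment. `RenewTokenAsync` returns `default` on a non-success status without logging, so a failed renewal goes unnoticed until the token expires. The response classes use PascalCase names while Vault's JSON is snake_case (`lease_duration`, `client_token`), so unless serializer options are configured elsewhere these properties will probably stay at their defaults; `[JsonPropertyName("lease_duration")]`-style attributes would fix that.

```csharp
public VaultService(HttpClient client, IConfiguration configuration) {
	// … unchanged: token / vaultUrl reads and the two empty checks …
	if (!Uri.TryCreate(vaultUrl, UriKind.Absolute, out var vaultUri)
	    || vaultUri.Scheme != Uri.UriSchemeHttps) {
		throw new ApplicationException("VAULT_URL must be an absolute https URL");
	}
	client.DefaultRequestHeaders.Add("X-Vault-Token", token);
	client.BaseAddress = vaultUri;
	_client = client;
}
```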