diff --git a/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs b/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs index f9a0e64..f4614a2 100644 --- a/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs +++ b/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs @@ -6,7 +6,7 @@ namespace WorkFlow.API.Attributes public class APIKeyAuthAttribute : ServiceFilterAttribute { public APIKeyAuthAttribute() - : base(typeof(ApiKeyAuthFilter)) + : base(typeof(APIKeyAuthFilter)) { } } diff --git a/WorkFlow.API/Extensions/DIExtensions.cs b/WorkFlow.API/Extensions/DIExtensions.cs index 24b7dd5..61dadda 100644 --- a/WorkFlow.API/Extensions/DIExtensions.cs +++ b/WorkFlow.API/Extensions/DIExtensions.cs @@ -1,10 +1,14 @@ using WorkFlow.API.Filters; +using WorkFlow.API.Models; namespace WorkFlow.API.Extensions { public static class DIExtensions { - public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, Func isValidKey, string apiKeyHeaderName = "X-API-Key") - => services.AddSingleton(provider => new(isValidKey: isValidKey, apiKeyHeaderName: apiKeyHeaderName)); + public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, Func isValidKey, string headerName = "X-API-Key") + => services.AddSingleton(provider => new(isValidKey: isValidKey, headerName: headerName)); + + public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, APIKeyAuthOptions options) + => services.AddAPIKeyAuth(isValidKey: key => key == options.Key, headerName: options.HeaderName); } } \ No newline at end of file diff --git a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs index 25dda53..e9525fe 100644 --- a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs +++ b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs @@ -3,11 +3,11 @@ using Microsoft.AspNetCore.Mvc; namespace WorkFlow.API.Filters { - public class APIKeyAuthFilter(Func isValidKey, string apiKeyHeaderName = "X-API-Key") : IAuthorizationFilter + public class APIKeyAuthFilter(Func isValidKey, string headerName = "X-API-Key") : IAuthorizationFilter { public void OnAuthorization(AuthorizationFilterContext context) { - string? apiKey = context.HttpContext.Request.Headers[apiKeyHeaderName]; + string? apiKey = context.HttpContext.Request.Headers[headerName]; if (apiKey is null || !isValidKey(apiKey)) { diff --git a/WorkFlow.API/Models/APIKeyAuthOptions.cs b/WorkFlow.API/Models/APIKeyAuthOptions.cs new file mode 100644 index 0000000..75718c0 --- /dev/null +++ b/WorkFlow.API/Models/APIKeyAuthOptions.cs @@ -0,0 +1,9 @@ +namespace WorkFlow.API.Models +{ + public class APIKeyAuthOptions + { + public required string Key { get; init; } + + public string HeaderName { get; init; } = "X-API-Key"; + } +} \ No newline at end of file diff --git a/WorkFlow.API/Program.cs b/WorkFlow.API/Program.cs index 6031d68..25d99ce 100644 --- a/WorkFlow.API/Program.cs +++ b/WorkFlow.API/Program.cs @@ -36,8 +36,9 @@ try { Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object) }); - if (config.GetValue("API-Key") is string apiKey) - builder.Services.AddApiKeyAuth(key => key == apiKey); + + if (config.GetSection("APIKeyAuth").Get() is APIKeyAuthOptions options) + builder.Services.AddAPIKeyAuth(options); builder.Services.AddControllers(); diff --git a/WorkFlow.API/appsettings.json b/WorkFlow.API/appsettings.json index 28ebabd..aa629dc 100644 --- a/WorkFlow.API/appsettings.json +++ b/WorkFlow.API/appsettings.json @@ -62,5 +62,9 @@ "User": "(&(objectClass=user)(sAMAccountName=*))", "Group": "(&(objectClass=group) (samAccountName=*))" } + }, + "APIKeyAuth": { + "Key": "ULbcOUiAXAoCXPviyCGtObZUGnrCHNgDmtNbQNpq5MOhB0EFQn18dObdQ93INNy8xIcnOPMJfEHqOotllELVrJ2R5AjqOfQszT2j00w215GanD3UiJGwFhwmdoNFsmNj", + "HeaderName": "X-API-Key" } } \ No newline at end of file