From 67a62d7311b31eaf737ed07e06d7e8f4f66952fc Mon Sep 17 00:00:00 2001
From: Developer 02 <developer02@didaloghe.onmicrosoft.com>
Date: Tue, 29 Oct 2024 09:29:14 +0100
Subject: [PATCH] =?UTF-8?q?feat(APIKeyAuthOptions):=20Datenmodell=20zur=20?=
 =?UTF-8?q?Konfiguration=20der=20Autorisierung=20mit=20API-Schl=C3=BCssel?=
 =?UTF-8?q?=20erstellt.=20=20-=20DI-Erweiterung=20hinzugef=C3=BCgt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs | 2 +-
 WorkFlow.API/Extensions/DIExtensions.cs        | 8 ++++++--
 WorkFlow.API/Filters/ApiKeyAuthFilter.cs       | 4 ++--
 WorkFlow.API/Models/APIKeyAuthOptions.cs       | 9 +++++++++
 WorkFlow.API/Program.cs                        | 5 +++--
 WorkFlow.API/appsettings.json                  | 4 ++++
 6 files changed, 25 insertions(+), 7 deletions(-)
 create mode 100644 WorkFlow.API/Models/APIKeyAuthOptions.cs

diff --git a/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs b/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs
index f9a0e64..f4614a2 100644
--- a/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs
+++ b/WorkFlow.API/Attributes/ApiKeyAuthAttribute.cs
@@ -6,7 +6,7 @@ namespace WorkFlow.API.Attributes
     public class APIKeyAuthAttribute : ServiceFilterAttribute
     {
         public APIKeyAuthAttribute()
-            : base(typeof(ApiKeyAuthFilter))
+            : base(typeof(APIKeyAuthFilter))
         {
         }
     }
diff --git a/WorkFlow.API/Extensions/DIExtensions.cs b/WorkFlow.API/Extensions/DIExtensions.cs
index 24b7dd5..61dadda 100644
--- a/WorkFlow.API/Extensions/DIExtensions.cs
+++ b/WorkFlow.API/Extensions/DIExtensions.cs
@@ -1,10 +1,14 @@
 using WorkFlow.API.Filters;
+using WorkFlow.API.Models;
 
 namespace WorkFlow.API.Extensions
 {
     public static class DIExtensions
     {
-        public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key")
-            => services.AddSingleton<APIKeyAuthFilter>(provider => new(isValidKey: isValidKey, apiKeyHeaderName: apiKeyHeaderName));
+        public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, Func<string, bool> isValidKey, string headerName = "X-API-Key")
+            => services.AddSingleton<APIKeyAuthFilter>(provider => new(isValidKey: isValidKey, headerName: headerName));
+
+        public static IServiceCollection AddAPIKeyAuth(this IServiceCollection services, APIKeyAuthOptions options)
+            => services.AddAPIKeyAuth(isValidKey: key => key == options.Key, headerName: options.HeaderName);
     }
 }
\ No newline at end of file
diff --git a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
index 25dda53..e9525fe 100644
--- a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
+++ b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
@@ -3,11 +3,11 @@ using Microsoft.AspNetCore.Mvc;
 
 namespace WorkFlow.API.Filters
 {
-    public class APIKeyAuthFilter(Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key") : IAuthorizationFilter
+    public class APIKeyAuthFilter(Func<string, bool> isValidKey, string headerName = "X-API-Key") : IAuthorizationFilter
     {
         public void OnAuthorization(AuthorizationFilterContext context)
         {
-            string? apiKey = context.HttpContext.Request.Headers[apiKeyHeaderName];
+            string? apiKey = context.HttpContext.Request.Headers[headerName];
 
             if (apiKey is null || !isValidKey(apiKey))
             {
diff --git a/WorkFlow.API/Models/APIKeyAuthOptions.cs b/WorkFlow.API/Models/APIKeyAuthOptions.cs
new file mode 100644
index 0000000..75718c0
--- /dev/null
+++ b/WorkFlow.API/Models/APIKeyAuthOptions.cs
@@ -0,0 +1,9 @@
+namespace WorkFlow.API.Models
+{
+    public class APIKeyAuthOptions
+    {
+        public required string Key { get; init; }
+
+        public string HeaderName { get; init; } = "X-API-Key";
+    }
+}
\ No newline at end of file
diff --git a/WorkFlow.API/Program.cs b/WorkFlow.API/Program.cs
index 6031d68..25d99ce 100644
--- a/WorkFlow.API/Program.cs
+++ b/WorkFlow.API/Program.cs
@@ -36,8 +36,9 @@ try
     {
         Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object)
     });
-    if (config.GetValue<string>("API-Key") is string apiKey)
-        builder.Services.AddApiKeyAuth(key => key == apiKey);
+    
+    if (config.GetSection("APIKeyAuth").Get<APIKeyAuthOptions>() is APIKeyAuthOptions options)
+        builder.Services.AddAPIKeyAuth(options);
 
     builder.Services.AddControllers();
 
diff --git a/WorkFlow.API/appsettings.json b/WorkFlow.API/appsettings.json
index 28ebabd..aa629dc 100644
--- a/WorkFlow.API/appsettings.json
+++ b/WorkFlow.API/appsettings.json
@@ -62,5 +62,9 @@
       "User": "(&(objectClass=user)(sAMAccountName=*))",
       "Group": "(&(objectClass=group) (samAccountName=*))"
     }
+  },
+  "APIKeyAuth": {
+    "Key": "ULbcOUiAXAoCXPviyCGtObZUGnrCHNgDmtNbQNpq5MOhB0EFQn18dObdQ93INNy8xIcnOPMJfEHqOotllELVrJ2R5AjqOfQszT2j00w215GanD3UiJGwFhwmdoNFsmNj",
+    "HeaderName": "X-API-Key"
   }
 }
\ No newline at end of file