nicoeri/aegis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
aegis-api/Aegis.API/Program.cs

85 lines
2.8 KiB
C#
Raw Permalink Blame History

using Aegis.API.Auth;
using Aegis.Application.Abstractions;
using Aegis.Application.DataStores.ListDataStores;
using Aegis.Repository.Caching;
using Aegis.Repository.Crypto;
using Aegis.Repository.SQLite;
using Aegis.Repository.SQLite.Repositories;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddOpenApi();
builder.Services.AddMemoryCache();
var authority = builder.Configuration["Auth:Authority"]
?? throw new InvalidOperationException("Missing config: Auth:Authority");
var audience = builder.Configuration["Auth:Audience"]
?? throw new InvalidOperationException("Missing config: Auth:Audience");
builder.Services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(o =>
{
o.Authority = authority;
o.Audience = audience;
o.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
NameClaimType = "name",
RoleClaimType = "roles"
};
});
builder.Services.AddAuthorization();
var cs = builder.Configuration.GetConnectionString("AegisManifest")
?? "Data Source=aegis_manifest.db;Cache=Shared;";
builder.Services.AddSingleton(new SqliteConnectionFactory(cs));
// Resolve (iss, sub) -> user_id (1x por TTL)
builder.Services.AddScoped<IUserIdentityRepository, UserIdentityRepository>();
// ListDatastores
builder.Services.AddScoped<IDataStoreReadRepository, DataStoreReadRepository>();
// Unlocked cache (status)
builder.Services.AddSingleton<MemoryUnlockedDatastoreCache>();
builder.Services.AddSingleton<IUnlockedDataStoreCache>(sp => sp.GetRequiredService<MemoryUnlockedDatastoreCache>());
// Label key / crypto (LK)
var serverSecretB64 = builder.Configuration["Aegis:LabelKey:ServerSecretB64"]
?? throw new InvalidOperationException("Missing config: Aegis:LabelKey:ServerSecretB64");
var serverSecret = Convert.FromBase64String(serverSecretB64);
builder.Services.AddSingleton<ILabelKeyProvider>(new ServerSecretLabelKeyProvider(serverSecret));
builder.Services.AddSingleton<ILabelCrypto, AesGcmLabelCrypto>();
// Use case
builder.Services.AddScoped<ListDataStoresUseCase>();
// Helpers API
builder.Services.AddHttpContextAccessor();
builder.Services.AddScoped<CurrentUserAccessor>();
var app = builder.Build();
app.UseHttpsRedirection();
// Auth pipeline
app.UseAuthentication();
app.UseMiddleware<UserResolutionMiddleware>(); // injeta claim aegis_uid via cache/DB
app.UseAuthorization();
app.MapControllers();
app.Run();
Reference in New Issue View Git Blame Copy Permalink