| | 1 | | using System.Security.Cryptography; |
| | 2 | | using LGDXRobotCloud.API.Exceptions; |
| | 3 | | using LGDXRobotCloud.Data.DbContexts; |
| | 4 | | using LGDXRobotCloud.Data.Entities; |
| | 5 | | using LGDXRobotCloud.Data.Models.Business.Administration; |
| | 6 | | using LGDXRobotCloud.Utilities.Enums; |
| | 7 | | using LGDXRobotCloud.Utilities.Helpers; |
| | 8 | | using Microsoft.EntityFrameworkCore; |
| | 9 | | using Microsoft.Extensions.Caching.Memory; |
| | 10 | |
|
| | 11 | | namespace LGDXRobotCloud.API.Services.Administration; |
| | 12 | |
|
| | 13 | | public interface IApiKeyService |
| | 14 | | { |
| | 15 | | Task<(IEnumerable<ApiKeyBusinessModel>, PaginationHelper)> GetApiKeysAsync(string? name, bool isThirdParty, int pageNu |
| | 16 | | Task<ApiKeyBusinessModel> GetApiKeyAsync(int apiKeyId); |
| | 17 | | Task<ApiKeySecretBusinessModel> GetApiKeySecretAsync(int apiKeyId); |
| | 18 | | Task<ApiKeyBusinessModel> AddApiKeyAsync(ApiKeyCreateBusinessModel apiKeyCreateBusinessModel); |
| | 19 | | Task<bool> UpdateApiKeyAsync(int apiKeyId, ApiKeyUpdateBusinessModel apiKeyUpdateBusinessModel); |
| | 20 | | Task<bool> UpdateApiKeySecretAsync(int apiKeyId, ApiKeySecretUpdateBusinessModel apiKeySecretUpdateBusinessModel); |
| | 21 | | Task<bool> DeleteApiKeyAsync(int apiKeyId); |
| | 22 | |
|
| | 23 | | Task<IEnumerable<ApiKeySearchBusinessModel>> SearchApiKeysAsync(string? name); |
| | 24 | | Task<int?> ValidateApiKeyAsync(string? apiKey); |
| | 25 | | } |
| | 26 | |
|
| 27 | 27 | | public class ApiKeyService( |
| 27 | 28 | | IActivityLogService activityLogService, |
| 27 | 29 | | IMemoryCache memoryCache, |
| 27 | 30 | | LgdxContext context |
| 27 | 31 | | ) : IApiKeyService |
| | 32 | | { |
| 27 | 33 | | private readonly IActivityLogService _activityLogService = activityLogService ?? throw new ArgumentNullException(nameo |
| 27 | 34 | | private readonly LgdxContext _context = context ?? throw new ArgumentNullException(nameof(context)); |
| 27 | 35 | | private readonly IMemoryCache _memoryCache = memoryCache ?? throw new ArgumentNullException(nameof(memoryCache)); |
| | 36 | |
|
| | 37 | | private void RemoveApiKeyCache(string apiKeySecret) |
| 0 | 38 | | { |
| 0 | 39 | | string hashed = LgdxHelper.GenerateSha256Hash(apiKeySecret); |
| 0 | 40 | | _memoryCache.Remove($"ValidateApiKeyAsync_{hashed}"); |
| 0 | 41 | | } |
| | 42 | |
|
| | 43 | | public async Task<(IEnumerable<ApiKeyBusinessModel>, PaginationHelper)> GetApiKeysAsync(string? name, bool isThirdPart |
| 6 | 44 | | { |
| 6 | 45 | | var query = _context.ApiKeys as IQueryable<ApiKey>; |
| 6 | 46 | | query = query.Where(a => a.IsThirdParty == isThirdParty); |
| 6 | 47 | | if (!string.IsNullOrWhiteSpace(name)) |
| 3 | 48 | | { |
| 3 | 49 | | name = name.Trim(); |
| 3 | 50 | | query = query.Where(a => a.Name.ToLower().Contains(name.ToLower())); |
| 3 | 51 | | } |
| 6 | 52 | | var itemCount = await query.CountAsync(); |
| 6 | 53 | | var PaginationHelper = new PaginationHelper(itemCount, pageNumber, pageSize); |
| 6 | 54 | | var apiKeys = await query.AsNoTracking() |
| 6 | 55 | | .OrderBy(a => a.Id) |
| 6 | 56 | | .Skip(pageSize * (pageNumber - 1)) |
| 6 | 57 | | .Take(pageSize) |
| 6 | 58 | | .Select(a => new ApiKeyBusinessModel |
| 6 | 59 | | { |
| 6 | 60 | | Id = a.Id, |
| 6 | 61 | | Name = a.Name, |
| 6 | 62 | | IsThirdParty = a.IsThirdParty, |
| 6 | 63 | | }) |
| 6 | 64 | | .ToListAsync(); |
| 6 | 65 | | return (apiKeys, PaginationHelper); |
| 6 | 66 | | } |
| | 67 | |
|
| | 68 | | public async Task<ApiKeyBusinessModel> GetApiKeyAsync(int apiKeyId) |
| 5 | 69 | | { |
| 5 | 70 | | return await _context.ApiKeys.AsNoTracking() |
| 5 | 71 | | .Where(a => a.Id == apiKeyId) |
| 5 | 72 | | .Select(a => new ApiKeyBusinessModel { |
| 5 | 73 | | Id = a.Id, |
| 5 | 74 | | Name = a.Name, |
| 5 | 75 | | IsThirdParty = a.IsThirdParty, |
| 5 | 76 | | }) |
| 5 | 77 | | .FirstOrDefaultAsync() |
| 5 | 78 | | ?? throw new LgdxNotFound404Exception(); |
| 4 | 79 | | } |
| | 80 | |
|
| | 81 | | public async Task<ApiKeySecretBusinessModel> GetApiKeySecretAsync(int apiKeyId) |
| 5 | 82 | | { |
| 5 | 83 | | var apiKeySecret = await _context.ApiKeys.AsNoTracking() |
| 5 | 84 | | .Where(a => a.Id == apiKeyId) |
| 5 | 85 | | .Select(a => new ApiKeySecretBusinessModel |
| 5 | 86 | | { |
| 5 | 87 | | Secret = a.Secret, |
| 5 | 88 | | }) |
| 5 | 89 | | .FirstOrDefaultAsync() |
| 5 | 90 | | ?? throw new LgdxNotFound404Exception(); |
| | 91 | |
|
| 4 | 92 | | await _activityLogService.CreateActivityLogAsync(new ActivityLogCreateBusinessModel |
| 4 | 93 | | { |
| 4 | 94 | | EntityName = nameof(ApiKey), |
| 4 | 95 | | EntityId = apiKeyId.ToString(), |
| 4 | 96 | | Action = ActivityAction.ApiKeySecretRead, |
| 4 | 97 | | }); |
| | 98 | |
|
| 4 | 99 | | return apiKeySecret; |
| 4 | 100 | | } |
| | 101 | |
|
| | 102 | | private static string GenerateApiKeys() |
| 1 | 103 | | { |
| 1 | 104 | | var bytes = RandomNumberGenerator.GetBytes(32); |
| 1 | 105 | | string base64String = Convert.ToBase64String(bytes) |
| 1 | 106 | | .Replace("+", "-") |
| 1 | 107 | | .Replace("/", "_"); |
| 1 | 108 | | return "LGDX" + base64String; |
| 1 | 109 | | } |
| | 110 | |
|
| | 111 | | public async Task<ApiKeyBusinessModel> AddApiKeyAsync(ApiKeyCreateBusinessModel apiKeyCreateBusinessModel) |
| 2 | 112 | | { |
| 2 | 113 | | if (!apiKeyCreateBusinessModel.IsThirdParty) |
| 1 | 114 | | apiKeyCreateBusinessModel.Secret = GenerateApiKeys(); |
| 2 | 115 | | var apikey = apiKeyCreateBusinessModel.ToEntity(); |
| 2 | 116 | | await _context.ApiKeys.AddAsync(apikey); |
| 2 | 117 | | await _context.SaveChangesAsync(); |
| | 118 | |
|
| 2 | 119 | | await _activityLogService.CreateActivityLogAsync(new ActivityLogCreateBusinessModel |
| 2 | 120 | | { |
| 2 | 121 | | EntityName = nameof(ApiKey), |
| 2 | 122 | | EntityId = apikey.Id.ToString(), |
| 2 | 123 | | Action = ActivityAction.Create, |
| 2 | 124 | | }); |
| | 125 | |
|
| 2 | 126 | | return new ApiKeyBusinessModel |
| 2 | 127 | | { |
| 2 | 128 | | Id = apikey.Id, |
| 2 | 129 | | Name = apikey.Name, |
| 2 | 130 | | IsThirdParty = apikey.IsThirdParty |
| 2 | 131 | | }; |
| 2 | 132 | | } |
| | 133 | |
|
| | 134 | | public async Task<bool> UpdateApiKeyAsync(int apiKeyId, ApiKeyUpdateBusinessModel apiKeyUpdateBusinessModel) |
| 0 | 135 | | { |
| 0 | 136 | | bool result = await _context.ApiKeys |
| 0 | 137 | | .Where(a => a.Id == apiKeyId) |
| 0 | 138 | | .ExecuteUpdateAsync(setters => setters |
| 0 | 139 | | .SetProperty(a => a.Name, apiKeyUpdateBusinessModel.Name)) == 1; |
| | 140 | |
|
| 0 | 141 | | if (result) |
| 0 | 142 | | { |
| 0 | 143 | | await _activityLogService.CreateActivityLogAsync(new ActivityLogCreateBusinessModel |
| 0 | 144 | | { |
| 0 | 145 | | EntityName = nameof(ApiKey), |
| 0 | 146 | | EntityId = apiKeyId.ToString(), |
| 0 | 147 | | Action = ActivityAction.Update, |
| 0 | 148 | | }); |
| 0 | 149 | | } |
| 0 | 150 | | return result; |
| 0 | 151 | | } |
| | 152 | |
|
| | 153 | | public async Task<bool> UpdateApiKeySecretAsync(int apiKeyId, ApiKeySecretUpdateBusinessModel apiKeySecretUpdateBusine |
| 4 | 154 | | { |
| 4 | 155 | | var apiKey = await _context.ApiKeys.Where(a => a.Id == apiKeyId).FirstOrDefaultAsync() |
| 4 | 156 | | ?? throw new LgdxNotFound404Exception(); |
| 3 | 157 | | if (!apiKey.IsThirdParty && !string.IsNullOrEmpty(apiKeySecretUpdateBusinessModel.Secret)) |
| 1 | 158 | | { |
| 1 | 159 | | throw new LgdxValidation400Expection(nameof(apiKeySecretUpdateBusinessModel.Secret), "The LGDXRobot Cloud API Key |
| | 160 | | } |
| | 161 | |
|
| 2 | 162 | | var oldSecret = apiKey.Secret; |
| 2 | 163 | | apiKey.Secret = apiKeySecretUpdateBusinessModel.Secret; |
| 2 | 164 | | bool result = await _context.SaveChangesAsync() == 1; |
| | 165 | |
|
| 2 | 166 | | if (result) |
| 2 | 167 | | { |
| 2 | 168 | | if (!apiKey.IsThirdParty) |
| 0 | 169 | | { |
| 0 | 170 | | RemoveApiKeyCache(oldSecret); |
| 0 | 171 | | } |
| 2 | 172 | | await _activityLogService.CreateActivityLogAsync(new ActivityLogCreateBusinessModel |
| 2 | 173 | | { |
| 2 | 174 | | EntityName = nameof(ApiKey), |
| 2 | 175 | | EntityId = apiKeyId.ToString(), |
| 2 | 176 | | Action = ActivityAction.ApiKeySecretUpdate, |
| 2 | 177 | | }); |
| 2 | 178 | | } |
| 2 | 179 | | return result; |
| 2 | 180 | | } |
| | 181 | |
|
| | 182 | | public async Task<bool> DeleteApiKeyAsync(int apiKeyId) |
| 0 | 183 | | { |
| 0 | 184 | | var apiKey = await _context.ApiKeys.Where(a => a.Id == apiKeyId).FirstOrDefaultAsync() |
| 0 | 185 | | ?? throw new LgdxNotFound404Exception(); |
| | 186 | |
|
| 0 | 187 | | var oldSecret = apiKey.Secret; |
| 0 | 188 | | bool result = await _context.ApiKeys.Where(a => a.Id == apiKeyId) |
| 0 | 189 | | .ExecuteDeleteAsync() == 1; |
| | 190 | |
|
| 0 | 191 | | if (result) |
| 0 | 192 | | { |
| 0 | 193 | | if (!apiKey.IsThirdParty) |
| 0 | 194 | | { |
| 0 | 195 | | RemoveApiKeyCache(oldSecret); |
| 0 | 196 | | } |
| 0 | 197 | | await _activityLogService.CreateActivityLogAsync(new ActivityLogCreateBusinessModel |
| 0 | 198 | | { |
| 0 | 199 | | EntityName = nameof(ApiKey), |
| 0 | 200 | | EntityId = apiKeyId.ToString(), |
| 0 | 201 | | Action = ActivityAction.Delete, |
| 0 | 202 | | }); |
| 0 | 203 | | } |
| 0 | 204 | | return result; |
| 0 | 205 | | } |
| | 206 | |
|
| | 207 | | public async Task<IEnumerable<ApiKeySearchBusinessModel>> SearchApiKeysAsync(string? name) |
| 5 | 208 | | { |
| 5 | 209 | | var n = name ?? string.Empty; |
| 5 | 210 | | return await _context.ApiKeys.AsNoTracking() |
| 5 | 211 | | .Where(w => w.Name.ToLower().Contains(n.ToLower())) |
| 5 | 212 | | .Where(w => w.IsThirdParty == true) |
| 5 | 213 | | .Take(10) |
| 5 | 214 | | .Select(t => new ApiKeySearchBusinessModel { |
| 5 | 215 | | Id = t.Id, |
| 5 | 216 | | Name = t.Name, |
| 5 | 217 | | }) |
| 5 | 218 | | .ToListAsync(); |
| 5 | 219 | | } |
| | 220 | |
|
| | 221 | | public async Task<int?> ValidateApiKeyAsync(string? apiKey) |
| 0 | 222 | | { |
| 0 | 223 | | if (string.IsNullOrWhiteSpace(apiKey)) |
| 0 | 224 | | { |
| 0 | 225 | | return null; |
| | 226 | | } |
| | 227 | |
|
| 0 | 228 | | string hashed = LgdxHelper.GenerateSha256Hash(apiKey); |
| 0 | 229 | | if (_memoryCache.TryGetValue($"ValidateApiKeyAsync_{hashed}", out int exist)) |
| 0 | 230 | | { |
| 0 | 231 | | return exist; |
| | 232 | | } |
| | 233 | |
|
| 0 | 234 | | int? apiKeyId = await _context.ApiKeys.AsNoTracking() |
| 0 | 235 | | .Where(a => a.Secret == apiKey) |
| 0 | 236 | | .Where(a => !a.IsThirdParty) |
| 0 | 237 | | .Select(a => a.Id) |
| 0 | 238 | | .FirstOrDefaultAsync(); |
| | 239 | |
|
| 0 | 240 | | if (apiKeyId != null) |
| 0 | 241 | | { |
| 0 | 242 | | _memoryCache.Set($"ValidateApiKeyAsync_{hashed}", true, TimeSpan.FromMinutes(5)); |
| 0 | 243 | | } |
| | 244 | |
|
| 0 | 245 | | return apiKeyId; |
| 0 | 246 | | } |
| | 247 | | } |