[AllowAnonymous] // bootstrap public string RetrieveKey([FromBody] JsonElement body) { _log.LogDebug("RetrieveKey method was called!"); string proof = body.GetString(); string userManagedPassword = _configuration.GetValue <string>(MagicConstants.EnvironmentVariable_SharedSecret); if (string.IsNullOrEmpty(userManagedPassword)) { throw new InvalidOperationException($"{MagicConstants.EnvironmentVariable_SharedSecret} environment variable is required by CLI"); } if (proof == SharedSecret.DeriveFromPassword(userManagedPassword)) { return(_apiKeyRepo.PickValidKey()); } else { _log.LogError("API Key request failed from {0}", HttpContext.Connection.RemoteIpAddress); return(MagicConstants.InvalidApiKey); } }
internal async Task <Guid> AddFromUrlAsync(string projectName, string @event, EventFilters filters, Uri targetUrl, string ruleName, bool impersonateExecution, CancellationToken cancellationToken) { async Task <(Uri, string)> RetrieveHostedUrl(string _ruleName, CancellationToken _cancellationToken) { string apiKey = MagicConstants.InvalidApiKey; logger.WriteVerbose($"Validating target URL {targetUrl.AbsoluteUri}"); string userManagedPassword = Environment.GetEnvironmentVariable(MagicConstants.EnvironmentVariable_SharedSecret); if (string.IsNullOrEmpty(userManagedPassword)) { throw new ApplicationException($"{MagicConstants.EnvironmentVariable_SharedSecret} environment variable is required for this command"); } string proof = SharedSecret.DeriveFromPassword(userManagedPassword); var configUrl = new UriBuilder(targetUrl); configUrl.Path += $"config/key"; var handler = new HttpClientHandler() { SslProtocols = SslProtocols.Tls12,// | SslProtocols.Tls11 | SslProtocols.Tls, ServerCertificateCustomValidationCallback = delegate { return(true); } }; using (var client = new HttpClient(handler)) using (var request = new HttpRequestMessage(HttpMethod.Post, configUrl.Uri)) { using (request.Content = new StringContent($"\"{proof}\"", Encoding.UTF8, "application/json")) using (var response = await client.SendAsync(request, cancellationToken)) { switch (response.StatusCode) { case HttpStatusCode.OK: logger.WriteVerbose($"Connection to {targetUrl} succeded"); apiKey = await response.Content.ReadAsStringAsync(); logger.WriteInfo($"Configuration retrieved."); break; default: logger.WriteError($"{targetUrl} returned {response.ReasonPhrase}."); break; }//switch } } if (string.IsNullOrEmpty(apiKey) || apiKey == MagicConstants.InvalidApiKey) { throw new ApplicationException("Unable to retrieve API Key, please check Shared secret configuration"); } var b = new UriBuilder(targetUrl); b.Path += $"workitem/{_ruleName}"; return(b.Uri, apiKey); } return(await CoreAddAsync(projectName, @event, filters, ruleName, impersonateExecution, RetrieveHostedUrl, MagicConstants.ApiKeyAuthenticationHeaderName, cancellationToken)); }