Environment var => IOptions

Author: tibitoth

src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/ConfigController.cs

@@ -1,34 +1,29 @@
+using Ahk.GradeManagement.Backend.Common.Options;
+
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 
 namespace Ahk.GradeManagement.Api.Controllers;
 
 [ApiController]
 [Route("api/config")]
-public class ConfigController : ControllerBase
+public class ConfigController(IOptions<AhkOptions> ahkOptionsAccessor) : ControllerBase
 {
+    private readonly AhkOptions _ahkOptions = ahkOptionsAccessor.Value;
+
     [HttpGet("app-url")]
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status404NotFound)]
     public IActionResult GetAppUrl()
     {
-        var appUrl = Environment.GetEnvironmentVariable("APP_URL");
-
-        if (string.IsNullOrEmpty(appUrl))
-            return NotFound("APP_URL is not set.");
-
-        return Ok(appUrl);
+        return Ok(_ahkOptions.AppUrl);
     }
 
     [HttpGet("monitor-url")]
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status404NotFound)]
     public IActionResult GetMonitorUrl()
     {
-        var monitorUrl = Environment.GetEnvironmentVariable("MONITOR_URL");
-
-        if (string.IsNullOrEmpty(monitorUrl))
-            return NotFound("MONITOR_URL is not set.");
-
-        return Ok(monitorUrl);
+       return Ok(_ahkOptions.MonitorUrl);
     }
 }

src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/GitHubAppController.cs

@@ -1,9 +1,11 @@
+using Ahk.GradeManagement.Backend.Common.Options;
 using Ahk.GradeManagement.Shared.Dtos.GitHubManifest;
 
 using Azure.Identity;
 using Azure.Security.KeyVault.Secrets;
 
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 
 using System.Net.Http.Headers;
 using System.Text.Json;
@@ -12,14 +14,14 @@ namespace Ahk.GradeManagement.Api.Controllers;
 
 [Route("api/github")]
 [ApiController]
-public class GitHubAppController(IHttpClientFactory httpClientFactory) : ControllerBase
+public class GitHubAppController(IHttpClientFactory httpClientFactory, IOptions<AhkOptions> ahkOptionsAccessor) : ControllerBase
 {
+    private readonly AhkOptions _ahkOptions = ahkOptionsAccessor.Value;
+
     [HttpGet]
     public async Task<IActionResult> CreateGitHubApp([FromQuery] string code)
     {
-        var appUrl = Environment.GetEnvironmentVariable("APP_URL");
-        var keyVaultUrl = Environment.GetEnvironmentVariable("KEY_VAULT_URI");
-        var client = new SecretClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
+        var client = new SecretClient(new Uri(_ahkOptions.KeyVaultUrl), new DefaultAzureCredential());
         var httpClient = httpClientFactory.CreateClient();
         httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
@@ -30,21 +32,14 @@ public async Task<IActionResult> CreateGitHubApp([FromQuery] string code)
 
         var content = await response.Content.ReadAsStringAsync();
         var gitHubApp = JsonSerializer.Deserialize<GitHubApp>(content);
-        var pem = RemovePemFencing(gitHubApp.Pem);
 
-        await client.SetSecretAsync($"GitHubMonitorConfig--{gitHubApp.Owner.Login}--GitHubAppId",
-            gitHubApp.Id.ToString());
+        var lines = gitHubApp.Pem.Split(['\r', '\n'], StringSplitOptions.RemoveEmptyEntries);
+        var pem = string.Join("", lines.Skip(1).Take(lines.Length - 2));
+
+        await client.SetSecretAsync($"GitHubMonitorConfig--{gitHubApp.Owner.Login}--GitHubAppId", gitHubApp.Id.ToString());
         await client.SetSecretAsync($"GitHubMonitorConfig--{gitHubApp.Owner.Login}--GitHubAppPrivateKey", pem);
-        await client.SetSecretAsync($"GitHubMonitorConfig--{gitHubApp.Owner.Login}--GitHubWebhookSecret",
-            gitHubApp.WebhookSecret);
+        await client.SetSecretAsync($"GitHubMonitorConfig--{gitHubApp.Owner.Login}--GitHubWebhookSecret", gitHubApp.WebhookSecret);
 
         return Redirect($"https://github.com/organizations/ahk-dev-org/settings/apps/{gitHubApp.Slug}/installations");
     }
-
-    public static string RemovePemFencing(string pem)
-    {
-        var lines = pem.Split(new[] { '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries);
-        var base64String = string.Join("", lines.Skip(1).Take(lines.Length - 2));
-        return base64String;
-    }
 }

src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Program.cs

@@ -1,6 +1,7 @@
 using Ahk.GradeManagement.Api.Authorization;
 using Ahk.GradeManagement.Api.ErrorHandling;
 using Ahk.GradeManagement.Api.RequestContext;
+using Ahk.GradeManagement.Backend.Common.Options;
 using Ahk.GradeManagement.Bll;
 using Ahk.GradeManagement.Dal;
 
@@ -20,13 +21,8 @@ public static void Main(string[] args)
     {
         var builder = WebApplication.CreateBuilder(args);
 
-        var keyVaultUri = builder.Configuration["KEY_VAULT_URI"];
-        if (!string.IsNullOrEmpty(keyVaultUri))
-        {
-            builder.Configuration.AddAzureKeyVault(
-                new Uri(keyVaultUri),
-                new DefaultAzureCredential());
-        }
+        var ahkOptions = builder.Services.ConfigureOption<AhkOptions>(builder.Configuration);
+        builder.Configuration.AddAzureKeyVault(new Uri(ahkOptions.KeyVaultUrl), new DefaultAzureCredential());
 
         builder.Services.AddRequestContext();
         builder.Services.AddHttpClient();

src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Properties/launchSettings.json

@@ -9,30 +9,14 @@
     }
   },
   "profiles": {
-    "http": {
-      "commandName": "Project",
-      "dotnetRunMessages": true,
-      "launchBrowser": true,
-      "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
-      "applicationUrl": "http://10.0.0.10:5180",
-      "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "Development",
-        "MONITOR_URL": "https://monitor.mm-home.eu/api/github-webhook",
-        "KEY_VAULT_URI": "https://ahkgithubmonitorsecrets.vault.azure.net/",
-        "APP_URL": "https://app.mm-home.eu/"
-      }
-    },
     "https": {
       "commandName": "Project",
       "dotnetRunMessages": true,
       "launchBrowser": true,
       "inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
       "applicationUrl": "https://localhost:7111;http://localhost:5268",
       "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "Development",
-        "MONITOR_URL": "https://monitor.mm-home.eu/api/github-webhook",
-        "KEY_VAULT_URI": "https://ahkgithubmonitorsecrets.vault.azure.net/",
-        "APP_URL": "https://localhost:7111/"
+        "ASPNETCORE_ENVIRONMENT": "Development"
       }
     },
     "IIS Express": {

src/Ahk.GradeManagement/Ahk.GradeManagement.Api/appsettings.Development.json

@@ -10,5 +10,9 @@
   },
   "ErrorHandlingOptions": {
     "ReturnExceptionDetails": true
+  },
+  "AhkOptions": {
+    "AppUrl": "https://localhost:7111/",
+    "KeyVaultUrl": "https://ahkgithubmonitorsecrets.vault.azure.net/"
   }
 }

src/Ahk.GradeManagement/Ahk.GradeManagement.Api/appsettings.json

@@ -1,6 +1,6 @@
 {
   "ConnectionStrings": {
-    "DbConnection": "Server=ahk-grade-management.database.windows.net,1433;Database=GradeManagement.Database;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;MultipleActiveResultSets=true;Authentication=\"Active Directory Default\";"
+    "DbConnection": "OVERRIDE ME"
   },
   "Logging": {
     "LogLevel": {
@@ -17,5 +17,10 @@
   },
   "ErrorHandlingOptions": {
     "ReturnExceptionDetails": false
+  },
+  "AhkOptions": {
+    "AppUrl": "OVERRIDE ME",
+    "MonitorUrl": "OVERRIDE ME",
+    "KeyVaultUrl": "OVERRIDE ME"
   }
 }

src/Ahk.GradeManagement/Ahk.GradeManagement.Backend.Common/Options/AhkOptions.cs

@@ -0,0 +1,8 @@
+namespace Ahk.GradeManagement.Backend.Common.Options;
+
+public class AhkOptions
+{
+    public string AppUrl { get; set; } = null!;
+    public string MonitorUrl { get; set; } = null!;
+    public string KeyVaultUrl { get; set; } = null!;
+}

src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/CourseService.cs

@@ -19,12 +19,16 @@
 
 using Microsoft.EntityFrameworkCore;
 using Ahk.GradeManagement.Backend.Common.RequestContext;
+using Microsoft.Extensions.Options;
+using Ahk.GradeManagement.Backend.Common.Options;
 
 namespace Ahk.GradeManagement.Bll.Services;
 
-public class CourseService(GradeManagementDbContext gradeManagementDbContext, IMapper mapper, IRequestContext requestContext)
+public class CourseService(GradeManagementDbContext gradeManagementDbContext, IMapper mapper, IRequestContext requestContext, IOptions<AhkOptions> ahkOptionsAccessor)
     : ICrudServiceBase<CourseRequest, CourseResponse>
 {
+    private readonly AhkOptions _ahkOptions = ahkOptionsAccessor.Value;
+
     public async Task<IEnumerable<CourseResponse>> GetAllAsync()
     {
         return await gradeManagementDbContext.Course
@@ -114,11 +118,9 @@ public async Task<IEnumerable<GroupResponse>> GetAllGroupsByIdAsync(long id)
             .ToListAsync();
     }
 
-    private static async Task SetSecret(string moodleClientId, string privateKey)
+    private async Task SetSecret(string moodleClientId, string privateKey)
     {
-        var keyVaultUrl = Environment.GetEnvironmentVariable("KEY_VAULT_URI");
-        if (string.IsNullOrEmpty(keyVaultUrl)) throw new ArgumentException("Key vault URL is null or empty!");
-        var client = new SecretClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
+        var client = new SecretClient(new Uri(_ahkOptions.KeyVaultUrl), new DefaultAzureCredential());
 
         await client.SetSecretAsync($"{MoodleConfig.Name}--{moodleClientId}--MoodlePrivateKey", privateKey);
     }

src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/Moodle/TokenGeneratorService.cs

@@ -1,30 +1,34 @@
+using Ahk.GradeManagement.Backend.Common.Options;
 using Ahk.GradeManagement.Dal.Entities;
 using Ahk.GradeManagement.Shared.Config;
+using Ahk.GradeManagement.Shared.Exceptions;
 
 using Azure.Identity;
 using Azure.Security.KeyVault.Secrets;
 
-using Ahk.GradeManagement.Shared.Exceptions;
-
 using Jose;
 
-using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Options;
 
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.OpenSsl;
 using Org.BouncyCastle.Security;
 
+using System.Globalization;
 using System.Net.Http.Json;
 using System.Security.Claims;
 using System.Security.Cryptography;
 
 namespace Ahk.GradeManagement.Bll.Services.Moodle;
 
-public class TokenGeneratorService(IConfiguration configuration)
+public class TokenGeneratorService(IOptions<AhkOptions> ahkOptionsAccessor)
 {
-    private const string Scope =
-        "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem https://purl.imsglobal.org/spec/lti-ags/scope/lineitem.readonly https://purl.imsglobal.org/spec/lti-ags/scope/result.readonly https://purl.imsglobal.org/spec/lti-ags/scope/score";
+    private readonly AhkOptions _ahkOptions = ahkOptionsAccessor.Value;
+    private static readonly string Scope = "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem " +
+        "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem.readonly " +
+        "https://purl.imsglobal.org/spec/lti-ags/scope/result.readonly " +
+        "https://purl.imsglobal.org/spec/lti-ags/scope/score";
 
     public async Task<string?> GenerateAccessToken(Course course)
     {
@@ -35,9 +39,8 @@ public class TokenGeneratorService(IConfiguration configuration)
 
         var data = new[]
         {
-            new KeyValuePair<string, string>("grant_type", "client_credentials"), new KeyValuePair<string, string>(
-                "client_assertion_type",
-                "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"),
+            new KeyValuePair<string, string>("grant_type", "client_credentials"),
+            new KeyValuePair<string, string>("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"),
             new KeyValuePair<string, string>("client_assertion", token),
             new KeyValuePair<string, string>("scope", Scope),
         };
@@ -49,41 +52,34 @@ public class TokenGeneratorService(IConfiguration configuration)
 
     private async Task<string> MakeClientAssertionToken(Course course)
     {
-        var appUrl = configuration["APP_URL"];
-        if (string.IsNullOrEmpty(appUrl)) throw new MoodleSyncException("App url was null or empty!");
-
-        var claims = new List<Claim>();
-        claims.Add(new Claim("iss", appUrl));
-        claims.Add(new Claim("iat", ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString()));
-        claims.Add(new Claim("exp",
-            ((int)(DateTime.UtcNow.AddHours(1) - new DateTime(1970, 1, 1)).TotalSeconds).ToString()));
-        claims.Add(new Claim("aud", "https://edu.vik.bme.hu/mod/lti/token.php"));
-        claims.Add(new Claim("sub", course.MoodleClientId));
+        List<Claim> claims =
+        [
+            new Claim("iss", _ahkOptions.AppUrl),
+            new Claim("iat", ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString(CultureInfo.InvariantCulture)),
+            new Claim("exp", ((int)(DateTime.UtcNow.AddHours(1) - new DateTime(1970, 1, 1)).TotalSeconds).ToString(CultureInfo.InvariantCulture)),
+            new Claim("aud", "https://edu.vik.bme.hu/mod/lti/token.php"),
+            new Claim("sub", course.MoodleClientId)
+        ];
 
         return await CreateToken(claims, course);
     }
 
     private async Task<string> CreateToken(List<Claim> claims, Course course)
     {
-        var keyVaultUrl = Environment.GetEnvironmentVariable("KEY_VAULT_URI");
-        if (keyVaultUrl == null)
-            throw new Exception("Please set environment variable KEY_VAULT_URI");
-
-        var secretClient = new SecretClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
-        var moodlePrivateKey =
-            await secretClient.GetSecretAsync($"{MoodleConfig.Name}--{course.MoodleClientId}--MoodlePrivateKey");
+        var secretClient = new SecretClient(new Uri(_ahkOptions.KeyVaultUrl), new DefaultAzureCredential());
+        var moodlePrivateKey = await secretClient.GetSecretAsync($"{MoodleConfig.Name}--{course.MoodleClientId}--MoodlePrivateKey");
 
         var privateRsaKey = moodlePrivateKey.Value.Value;
-        if (string.IsNullOrEmpty(privateRsaKey)) throw new MoodleSyncException("Private RSA was null or empty!");
+        if (string.IsNullOrEmpty(privateRsaKey))
+            throw new MoodleSyncException("Private RSA was null or empty!");
 
         privateRsaKey = privateRsaKey.Trim();
 
         RSAParameters rsaParams;
         using (var tr = new StringReader(privateRsaKey))
         {
             var pemReader = new PemReader(tr);
-            var keyPair = pemReader.ReadObject() as AsymmetricCipherKeyPair;
-            if (keyPair == null)
+            if (pemReader.ReadObject() is not AsymmetricCipherKeyPair keyPair)
                 throw new MoodleSyncException("Could not read RSA private key");
 
             var privateRsaParams = keyPair.Private as RsaPrivateCrtKeyParameters;