stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

stabilizaiton work - projects rework for maintenanceability and ui livening

Browse Source
This commit is contained in:
master
2026-02-03 23:40:04 +02:00
parent 074ce117ba
commit 557feefdc3
3305 changed files with 186813 additions and 107843 deletions
Download Patch File Download Diff File Expand all files Collapse all files

157
src/__Libraries/StellaOps.Configuration/AuthorityVulnerabilityExplorerOptions.cs
View File

@@ -1,6 +1,3 @@
using System;
using System.Collections.Generic;
namespace StellaOps.Configuration;
/// <summary>
@@ -24,157 +21,3 @@ public sealed class AuthorityVulnerabilityExplorerOptions
Attachments.Validate();
}
}
/// <summary>
/// Workflow specific configuration for Vuln Explorer clients.
/// </summary>
public sealed class AuthorityVulnWorkflowOptions
{
/// <summary>
/// Anti-forgery token configuration.
/// </summary>
public AuthorityVulnAntiForgeryOptions AntiForgery { get; } = new();
internal void Validate()
{
AntiForgery.Validate();
}
}
/// <summary>
/// Anti-forgery token configuration used to protect workflow submissions.
/// </summary>
public sealed class AuthorityVulnAntiForgeryOptions
{
/// <summary>
/// Determines whether anti-forgery token issuance/verification is enabled.
/// </summary>
public bool Enabled { get; set; } = true;
/// <summary>
/// Audience claim value embedded in issued tokens.
/// </summary>
public string Audience { get; set; } = "stellaops:vuln-workflow";
/// <summary>
/// Default lifetime applied when callers omit an explicit expiration.
/// </summary>
public TimeSpan DefaultLifetime { get; set; } = TimeSpan.FromMinutes(10);
/// <summary>
/// Maximum lifetime permitted for anti-forgery tokens.
/// </summary>
public TimeSpan MaxLifetime { get; set; } = TimeSpan.FromMinutes(30);
/// <summary>
/// Optional maximum size for the context dictionary payload.
/// </summary>
public int MaxContextEntries { get; set; } = 16;
/// <summary>
/// Maximum length permitted per context value entry.
/// </summary>
public int MaxContextValueLength { get; set; } = 256;
internal void Validate()
{
if (!Enabled)
{
return;
}
if (string.IsNullOrWhiteSpace(Audience))
{
throw new InvalidOperationException("vulnerabilityExplorer.workflow.antiForgery.audience must be specified when anti-forgery tokens are enabled.");
}
if (DefaultLifetime <= TimeSpan.Zero)
{
throw new InvalidOperationException("vulnerabilityExplorer.workflow.antiForgery.defaultLifetime must be greater than zero.");
}
if (MaxLifetime <= TimeSpan.Zero || MaxLifetime < DefaultLifetime)
{
throw new InvalidOperationException("vulnerabilityExplorer.workflow.antiForgery.maxLifetime must be greater than zero and greater than or equal to defaultLifetime.");
}
if (MaxContextEntries < 0)
{
throw new InvalidOperationException("vulnerabilityExplorer.workflow.antiForgery.maxContextEntries must be non-negative.");
}
if (MaxContextValueLength <= 0)
{
throw new InvalidOperationException("vulnerabilityExplorer.workflow.antiForgery.maxContextValueLength must be greater than zero.");
}
}
}
/// <summary>
/// Attachment token configuration used to protect ledger attachments.
/// </summary>
public sealed class AuthorityVulnAttachmentOptions
{
/// <summary>
/// Determines whether attachment token issuance/verification is enabled.
/// </summary>
public bool Enabled { get; set; } = true;
/// <summary>
/// Default lifetime for attachment access tokens.
/// </summary>
public TimeSpan DefaultLifetime { get; set; } = TimeSpan.FromMinutes(30);
/// <summary>
/// Maximum lifetime permitted for attachment access tokens.
/// </summary>
public TimeSpan MaxLifetime { get; set; } = TimeSpan.FromHours(4);
/// <summary>
/// Payload type identifier emitted in audit and downstream validation.
/// </summary>
public string PayloadType { get; set; } = "application/vnd.stellaops.vuln-attachment-token+json";
/// <summary>
/// Optional limit on attachment metadata entries.
/// </summary>
public int MaxMetadataEntries { get; set; } = 16;
/// <summary>
/// Optional maximum length for metadata values.
/// </summary>
public int MaxMetadataValueLength { get; set; } = 512;
internal void Validate()
{
if (!Enabled)
{
return;
}
if (DefaultLifetime <= TimeSpan.Zero)
{
throw new InvalidOperationException("vulnerabilityExplorer.attachments.defaultLifetime must be greater than zero when attachment tokens are enabled.");
}
if (MaxLifetime <= TimeSpan.Zero || MaxLifetime < DefaultLifetime)
{
throw new InvalidOperationException("vulnerabilityExplorer.attachments.maxLifetime must be greater than zero and greater than or equal to defaultLifetime.");
}
if (string.IsNullOrWhiteSpace(PayloadType))
{
throw new InvalidOperationException("vulnerabilityExplorer.attachments.payloadType must be specified when attachment tokens are enabled.");
}
if (MaxMetadataEntries < 0)
{
throw new InvalidOperationException("vulnerabilityExplorer.attachments.maxMetadataEntries must be non-negative.");
}
if (MaxMetadataValueLength <= 0)
{
throw new InvalidOperationException("vulnerabilityExplorer.attachments.maxMetadataValueLength must be greater than zero.");
}
}
}