using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using StellaOps.Signer.Core;
using System;
namespace StellaOps.Signer.Infrastructure.Signing;
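// NOTE(review): the generic type arguments in this listing (on Action, AddOptions and the two
// parameterless TryAddSingleton calls) appear to have been lost; they are reproduced exactly
// as shown and must be restored from the repository copy before this compiles.
/// <summary>
/// Extension methods for registering signing services with dependency injection.
/// </summary>
public static class SigningServiceCollectionExtensions
{
    /// <summary>
    /// Adds the DSSE signing services to the service collection.
    /// </summary>
    /// <remarks>
    /// Service registrations use <c>TryAddSingleton</c>, which leaves an existing registration
    /// for the same service type in place. A time provider, key resolver or signer registered
    /// before this call is therefore kept, so registration order decides which implementation
    /// is used for signing.
    /// </remarks>
    /// <param name="services">The service collection.</param>
    /// <param name="configure">Optional configuration action for signer options.</param>
    /// <returns>The service collection for chaining.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="services"/> is null.</exception>
    public static IServiceCollection AddDsseSigning(
        this IServiceCollection services,
        Action? configure = null)
    {
        ArgumentNullException.ThrowIfNull(services);

        // Register options; the callback is attached only when the caller supplied one.
        var optionsBuilder = services.AddOptions();
        if (configure is not null)
        {
            optionsBuilder.Configure(configure);
        }

        // Register time provider if not already registered
        services.TryAddSingleton(TimeProvider.System);

        // Register signing key resolver
        services.TryAddSingleton();

        // Register DSSE signer
        services.TryAddSingleton();

        return services;
    }

    /// <summary>
    /// Adds the DSSE signing services with KMS configuration.
    /// </summary>
    /// <remarks>
    /// <paramref name="configure"/> runs after <c>DefaultKmsKeyId</c> has been assigned, so the
    /// callback is able to overwrite the key identifier passed in
    /// <paramref name="defaultKmsKeyId"/>.
    /// </remarks>
    /// <param name="services">The service collection.</param>
    /// <param name="defaultKmsKeyId">The default KMS key identifier.</param>
    /// <param name="configure">Additional configuration action.</param>
    /// <returns>The service collection for chaining.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="defaultKmsKeyId"/> is null.
    /// </exception>
    /// <exception cref="ArgumentException">
    /// <paramref name="defaultKmsKeyId"/> is empty or whitespace.
    /// </exception>
    public static IServiceCollection AddDsseSigningWithKms(
        this IServiceCollection services,
        string defaultKmsKeyId,
        Action? configure = null)
    {
        ArgumentNullException.ThrowIfNull(services);
        ArgumentException.ThrowIfNullOrWhiteSpace(defaultKmsKeyId);

        return services.AddDsseSigning(options =>
        {
            options.DefaultKmsKeyId = defaultKmsKeyId;
            configure?.Invoke(options);
        });
    }

    /// <summary>
    /// Adds the DSSE signing services configured for keyless (ephemeral) signing only.
    /// </summary>
    /// <remarks>
    /// The only option set here is <c>DefaultIssuer</c>. Nothing in this method clears a
    /// <c>DefaultKmsKeyId</c> configured by another call, so whether signing really stays
    /// keyless depends on the options type and the key resolver.
    /// NOTE(review): confirm that against the resolver implementation.
    /// </remarks>
    /// <param name="services">The service collection.</param>
    /// <param name="issuer">The issuer URL for keyless certificates.</param>
    /// <returns>The service collection for chaining.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="issuer"/> is null.
    /// </exception>
    /// <exception cref="ArgumentException"><paramref name="issuer"/> is empty or whitespace.</exception>
    public static IServiceCollection AddDsseSigningKeyless(
        this IServiceCollection services,
        string issuer = "https://stellaops.io")
    {
        ArgumentNullException.ThrowIfNull(services);

        // Reject a missing issuer at registration time, matching the key-id check in
        // AddDsseSigningWithKms, instead of letting a blank issuer reach certificate requests.
        // NOTE(review): the value is not checked to be an absolute https URL here; presumably
        // the consumer of DefaultIssuer validates it. Confirm.
        ArgumentException.ThrowIfNullOrWhiteSpace(issuer);

        return services.AddDsseSigning(options =>
        {
            options.DefaultIssuer = issuer;
        });
    }
}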