122 lines
4.3 KiB
C#
122 lines
4.3 KiB
C#
using System;
|
|
using System.Linq;
|
|
|
|
namespace StellaOps.Notify.WebService.Options;
|
|
|
|
internal static class NotifyWebServiceOptionsValidator
|
|
{
|
|
public static void Validate(NotifyWebServiceOptions options)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(options);
|
|
|
|
ValidateStorage(options.Storage);
|
|
ValidateAuthority(options.Authority);
|
|
ValidateApi(options.Api);
|
|
}
|
|
|
|
private static void ValidateStorage(NotifyWebServiceOptions.StorageOptions storage)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(storage);
|
|
|
|
var driver = storage.Driver ?? string.Empty;
|
|
// Allow 'memory' driver for testing purposes, 'postgres' for production
|
|
var allowedDrivers = new[] { "postgres", "memory" };
|
|
if (!allowedDrivers.Any(d => string.Equals(d, driver, StringComparison.OrdinalIgnoreCase)))
|
|
{
|
|
throw new InvalidOperationException($"Unsupported storage driver '{storage.Driver}'. Supported drivers: {string.Join(", ", allowedDrivers)}.");
|
|
}
|
|
}
|
|
|
|
private static void ValidateAuthority(NotifyWebServiceOptions.AuthorityOptions authority)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(authority);
|
|
|
|
if (authority.Enabled)
|
|
{
|
|
if (string.IsNullOrWhiteSpace(authority.Issuer))
|
|
{
|
|
throw new InvalidOperationException("notify:authority:issuer must be provided when authority is enabled.");
|
|
}
|
|
|
|
if (authority.Audiences is null || authority.Audiences.Count == 0)
|
|
{
|
|
throw new InvalidOperationException("notify:authority:audiences must include at least one value.");
|
|
}
|
|
|
|
if (string.IsNullOrWhiteSpace(authority.AdminScope)
|
|
|| string.IsNullOrWhiteSpace(authority.OperatorScope)
|
|
|| string.IsNullOrWhiteSpace(authority.ViewerScope))
|
|
{
|
|
throw new InvalidOperationException("notify:authority admin, operator, and viewer scopes must be configured.");
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if (string.IsNullOrWhiteSpace(authority.DevelopmentSigningKey) || authority.DevelopmentSigningKey.Length < 32)
|
|
{
|
|
throw new InvalidOperationException("notify:authority:developmentSigningKey must be at least 32 characters when authority is disabled.");
|
|
}
|
|
}
|
|
}
|
|
|
|
private static void ValidateApi(NotifyWebServiceOptions.ApiOptions api)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(api);
|
|
|
|
if (!api.BasePath.StartsWith("/", StringComparison.Ordinal))
|
|
{
|
|
throw new InvalidOperationException("notify:api:basePath must start with '/'.");
|
|
}
|
|
|
|
if (!api.InternalBasePath.StartsWith("/", StringComparison.Ordinal))
|
|
{
|
|
throw new InvalidOperationException("notify:api:internalBasePath must start with '/'.");
|
|
}
|
|
|
|
if (string.IsNullOrWhiteSpace(api.TenantHeader))
|
|
{
|
|
throw new InvalidOperationException("notify:api:tenantHeader must be provided.");
|
|
}
|
|
|
|
ValidateRateLimits(api.RateLimits);
|
|
}
|
|
|
|
private static void ValidateRateLimits(NotifyWebServiceOptions.RateLimitOptions rateLimits)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(rateLimits);
|
|
|
|
ValidatePolicy(rateLimits.DeliveryHistory, "notify:api:rateLimits:deliveryHistory");
|
|
ValidatePolicy(rateLimits.TestSend, "notify:api:rateLimits:testSend");
|
|
|
|
static void ValidatePolicy(NotifyWebServiceOptions.RateLimitPolicyOptions options, string prefix)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(options);
|
|
|
|
if (!options.Enabled)
|
|
{
|
|
return;
|
|
}
|
|
|
|
if (options.TokenLimit <= 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:tokenLimit must be positive when enabled.");
|
|
}
|
|
|
|
if (options.TokensPerPeriod <= 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:tokensPerPeriod must be positive when enabled.");
|
|
}
|
|
|
|
if (options.ReplenishmentPeriodSeconds <= 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:replenishmentPeriodSeconds must be positive when enabled.");
|
|
}
|
|
|
|
if (options.QueueLimit < 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:queueLimit cannot be negative.");
|
|
}
|
|
}
|
|
}
|
|
}
|