using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using StellaOps.Signer.Core;
using System;
namespace StellaOps.Signer.Infrastructure.Signing;
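/// <summary>
/// Extension methods for registering signing services with dependency injection.
/// </summary>
/// <remarks>
/// <para>
/// All service registrations use <c>TryAddSingleton</c>: if the container already holds a
/// registration for <see cref="ISigningKeyResolver"/>, <see cref="IDsseSigner"/> or
/// <see cref="TimeProvider"/>, that earlier registration is kept and the default here is
/// skipped. When reviewing a composition root, check what was registered before these calls,
/// because that is what will actually produce signatures.
/// </para>
/// <para>
/// Option configuration is additive: each call adds another configuration delegate for
/// <see cref="DsseSignerOptions"/>, and all of them run in registration order. Calling more
/// than one of these methods therefore merges their settings rather than replacing them.
/// </para>
/// </remarks>
public static class SigningServiceCollectionExtensions
{
    /// <summary>
    /// Adds the DSSE signing services to the service collection.
    /// </summary>
    /// <param name="services">The service collection.</param>
    /// <param name="configure">Optional configuration action for signer options.</param>
    /// <returns>The service collection for chaining.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="services"/> is null.</exception>
    public static IServiceCollection AddDsseSigning(
        this IServiceCollection services,
        Action<DsseSignerOptions>? configure = null)
    {
        ArgumentNullException.ThrowIfNull(services);

        // Register options; the delegate is only attached when the caller supplied one.
        var optionsBuilder = services.AddOptions<DsseSignerOptions>();
        if (configure is not null)
        {
            optionsBuilder.Configure(configure);
        }

        // Register time provider if not already registered, so hosts and tests can
        // substitute their own clock by registering it first.
        services.TryAddSingleton(TimeProvider.System);

        // Register signing key resolver (kept only if none was registered earlier).
        services.TryAddSingleton<ISigningKeyResolver, DefaultSigningKeyResolver>();

        // Register DSSE signer (kept only if none was registered earlier).
        services.TryAddSingleton<IDsseSigner, CryptoDsseSigner>();

        return services;
    }

    /// <summary>
    /// Adds the DSSE signing services with KMS configuration.
    /// </summary>
    /// <remarks>
    /// <paramref name="configure"/> runs after <c>DefaultKmsKeyId</c> has been assigned, so
    /// the callback is able to overwrite the key identifier passed in
    /// <paramref name="defaultKmsKeyId"/>.
    /// </remarks>
    /// <param name="services">The service collection.</param>
    /// <param name="defaultKmsKeyId">The default KMS key identifier.</param>
    /// <param name="configure">Additional configuration action.</param>
    /// <returns>The service collection for chaining.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="defaultKmsKeyId"/> is null.
    /// </exception>
    /// <exception cref="ArgumentException">
    /// <paramref name="defaultKmsKeyId"/> is empty or whitespace.
    /// </exception>
    public static IServiceCollection AddDsseSigningWithKms(
        this IServiceCollection services,
        string defaultKmsKeyId,
        Action<DsseSignerOptions>? configure = null)
    {
        ArgumentNullException.ThrowIfNull(services);
        ArgumentException.ThrowIfNullOrWhiteSpace(defaultKmsKeyId);

        return services.AddDsseSigning(options =>
        {
            options.DefaultKmsKeyId = defaultKmsKeyId;
            configure?.Invoke(options);
        });
    }

    /// <summary>
    /// Adds the DSSE signing services configured for keyless (ephemeral) signing only.
    /// </summary>
    /// <remarks>
    /// <para>
    /// This method only assigns <c>DefaultIssuer</c>. It does not clear a
    /// <c>DefaultKmsKeyId</c> set by another registration, and it does not replace a resolver
    /// or signer registered earlier.
    /// NOTE(review): whether KMS-backed signing stays reachable in that case depends on the
    /// resolver implementation, which is not visible here; confirm before relying on
    /// "keyless only".
    /// </para>
    /// <para>
    /// The issuer is checked for null/blank only. It is not parsed as a URI and its scheme is
    /// not checked here; presumably the consumer of <c>DefaultIssuer</c> expects an HTTPS
    /// URL. Verify against the signer.
    /// </para>
    /// </remarks>
    /// <param name="services">The service collection.</param>
    /// <param name="issuer">The issuer URL for keyless certificates.</param>
    /// <returns>The service collection for chaining.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="issuer"/> is null.
    /// </exception>
    /// <exception cref="ArgumentException">
    /// <paramref name="issuer"/> is empty or whitespace.
    /// </exception>
    public static IServiceCollection AddDsseSigningKeyless(
        this IServiceCollection services,
        string issuer = "https://stellaops.io")
    {
        ArgumentNullException.ThrowIfNull(services);

        // Fail at registration time rather than silently storing a blank issuer in the
        // options; mirrors the key-id check in AddDsseSigningWithKms.
        ArgumentException.ThrowIfNullOrWhiteSpace(issuer);

        return services.AddDsseSigning(options =>
        {
            options.DefaultIssuer = issuer;
        });
    }
}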