50 lines
1.9 KiB
C#
50 lines
1.9 KiB
C#
using System.Security.Cryptography.X509Certificates;
|
|
using Microsoft.Extensions.Options;
|
|
using StellaOps.Zastava.Webhook.Configuration;
|
|
|
|
namespace StellaOps.Zastava.Webhook.Certificates;
|
|
|
|
public interface IWebhookCertificateProvider
|
|
{
|
|
X509Certificate2 GetCertificate();
|
|
}
|
|
|
|
public sealed class WebhookCertificateProvider : IWebhookCertificateProvider
|
|
{
|
|
private readonly ILogger<WebhookCertificateProvider> _logger;
|
|
private readonly ZastavaWebhookTlsOptions _options;
|
|
private readonly Lazy<X509Certificate2> _certificate;
|
|
private readonly IWebhookCertificateSource _certificateSource;
|
|
|
|
public WebhookCertificateProvider(
|
|
IOptions<ZastavaWebhookOptions> options,
|
|
IEnumerable<IWebhookCertificateSource> certificateSources,
|
|
ILogger<WebhookCertificateProvider> logger)
|
|
{
|
|
_logger = logger;
|
|
_options = options.Value.Tls;
|
|
_certificateSource = certificateSources.FirstOrDefault(source => source.CanHandle(_options.Mode))
|
|
?? throw new InvalidOperationException($"No certificate source registered for mode {_options.Mode}.");
|
|
|
|
_certificate = new Lazy<X509Certificate2>(LoadCertificate, LazyThreadSafetyMode.ExecutionAndPublication);
|
|
}
|
|
|
|
public X509Certificate2 GetCertificate() => _certificate.Value;
|
|
|
|
private X509Certificate2 LoadCertificate()
|
|
{
|
|
_logger.LogInformation("Loading webhook TLS certificate using {Mode} mode.", _options.Mode);
|
|
var certificate = _certificateSource.LoadCertificate(_options);
|
|
_logger.LogInformation("Loaded webhook TLS certificate with subject {Subject} and thumbprint {Thumbprint}.",
|
|
certificate.Subject, certificate.Thumbprint);
|
|
return certificate;
|
|
}
|
|
}
|
|
|
|
public interface IWebhookCertificateSource
|
|
{
|
|
bool CanHandle(ZastavaWebhookTlsMode mode);
|
|
|
|
X509Certificate2 LoadCertificate(ZastavaWebhookTlsOptions options);
|
|
}
|