f98cea3bcf
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings. - Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations. - Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration. - Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options. - Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations. - Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client. - Updated project file to include necessary package references for the new Issuer Directory Client library.
139 lines
5.0 KiB
C#
139 lines
5.0 KiB
C#
using System;
|
|
using System.Linq;
|
|
|
|
namespace StellaOps.Notify.WebService.Options;
|
|
|
|
internal static class NotifyWebServiceOptionsValidator
|
|
{
|
|
public static void Validate(NotifyWebServiceOptions options)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(options);
|
|
|
|
ValidateStorage(options.Storage);
|
|
ValidateAuthority(options.Authority);
|
|
ValidateApi(options.Api);
|
|
}
|
|
|
|
private static void ValidateStorage(NotifyWebServiceOptions.StorageOptions storage)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(storage);
|
|
|
|
var driver = storage.Driver ?? string.Empty;
|
|
if (!string.Equals(driver, "mongo", StringComparison.OrdinalIgnoreCase) &&
|
|
!string.Equals(driver, "memory", StringComparison.OrdinalIgnoreCase))
|
|
{
|
|
throw new InvalidOperationException($"Unsupported storage driver '{storage.Driver}'.");
|
|
}
|
|
|
|
if (string.Equals(driver, "mongo", StringComparison.OrdinalIgnoreCase))
|
|
{
|
|
if (string.IsNullOrWhiteSpace(storage.ConnectionString))
|
|
{
|
|
throw new InvalidOperationException("notify:storage:connectionString must be provided.");
|
|
}
|
|
|
|
if (string.IsNullOrWhiteSpace(storage.Database))
|
|
{
|
|
throw new InvalidOperationException("notify:storage:database must be provided.");
|
|
}
|
|
|
|
if (storage.CommandTimeoutSeconds <= 0)
|
|
{
|
|
throw new InvalidOperationException("notify:storage:commandTimeoutSeconds must be positive.");
|
|
}
|
|
}
|
|
}
|
|
|
|
private static void ValidateAuthority(NotifyWebServiceOptions.AuthorityOptions authority)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(authority);
|
|
|
|
if (authority.Enabled)
|
|
{
|
|
if (string.IsNullOrWhiteSpace(authority.Issuer))
|
|
{
|
|
throw new InvalidOperationException("notify:authority:issuer must be provided when authority is enabled.");
|
|
}
|
|
|
|
if (authority.Audiences is null || authority.Audiences.Count == 0)
|
|
{
|
|
throw new InvalidOperationException("notify:authority:audiences must include at least one value.");
|
|
}
|
|
|
|
if (string.IsNullOrWhiteSpace(authority.AdminScope)
|
|
|| string.IsNullOrWhiteSpace(authority.OperatorScope)
|
|
|| string.IsNullOrWhiteSpace(authority.ViewerScope))
|
|
{
|
|
throw new InvalidOperationException("notify:authority admin, operator, and viewer scopes must be configured.");
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if (string.IsNullOrWhiteSpace(authority.DevelopmentSigningKey) || authority.DevelopmentSigningKey.Length < 32)
|
|
{
|
|
throw new InvalidOperationException("notify:authority:developmentSigningKey must be at least 32 characters when authority is disabled.");
|
|
}
|
|
}
|
|
}
|
|
|
|
private static void ValidateApi(NotifyWebServiceOptions.ApiOptions api)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(api);
|
|
|
|
if (!api.BasePath.StartsWith("/", StringComparison.Ordinal))
|
|
{
|
|
throw new InvalidOperationException("notify:api:basePath must start with '/'.");
|
|
}
|
|
|
|
if (!api.InternalBasePath.StartsWith("/", StringComparison.Ordinal))
|
|
{
|
|
throw new InvalidOperationException("notify:api:internalBasePath must start with '/'.");
|
|
}
|
|
|
|
if (string.IsNullOrWhiteSpace(api.TenantHeader))
|
|
{
|
|
throw new InvalidOperationException("notify:api:tenantHeader must be provided.");
|
|
}
|
|
|
|
ValidateRateLimits(api.RateLimits);
|
|
}
|
|
|
|
private static void ValidateRateLimits(NotifyWebServiceOptions.RateLimitOptions rateLimits)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(rateLimits);
|
|
|
|
ValidatePolicy(rateLimits.DeliveryHistory, "notify:api:rateLimits:deliveryHistory");
|
|
ValidatePolicy(rateLimits.TestSend, "notify:api:rateLimits:testSend");
|
|
|
|
static void ValidatePolicy(NotifyWebServiceOptions.RateLimitPolicyOptions options, string prefix)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(options);
|
|
|
|
if (!options.Enabled)
|
|
{
|
|
return;
|
|
}
|
|
|
|
if (options.TokenLimit <= 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:tokenLimit must be positive when enabled.");
|
|
}
|
|
|
|
if (options.TokensPerPeriod <= 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:tokensPerPeriod must be positive when enabled.");
|
|
}
|
|
|
|
if (options.ReplenishmentPeriodSeconds <= 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:replenishmentPeriodSeconds must be positive when enabled.");
|
|
}
|
|
|
|
if (options.QueueLimit < 0)
|
|
{
|
|
throw new InvalidOperationException($"{prefix}:queueLimit cannot be negative.");
|
|
}
|
|
}
|
|
}
|
|
}
|