protecting api
6
.vscode/tasks.json
vendored
6
.vscode/tasks.json
vendored
@ -9,7 +9,8 @@
|
|||||||
"build",
|
"build",
|
||||||
"${workspaceFolder}/nuget-host.csproj",
|
"${workspaceFolder}/nuget-host.csproj",
|
||||||
"/property:GenerateFullPaths=true",
|
"/property:GenerateFullPaths=true",
|
||||||
"/consoleloggerparameters:NoSummary"
|
"/consoleloggerparameters:NoSummary",
|
||||||
|
"/restore"
|
||||||
],
|
],
|
||||||
"problemMatcher": "$msCompile"
|
"problemMatcher": "$msCompile"
|
||||||
},
|
},
|
||||||
@ -40,7 +41,8 @@
|
|||||||
"type": "process",
|
"type": "process",
|
||||||
"args": [
|
"args": [
|
||||||
"bin/Debug/netcoreapp2.0/nuget-host.dll",
|
"bin/Debug/netcoreapp2.0/nuget-host.dll",
|
||||||
"/property:GenerateFullPaths=true"
|
"/property:GenerateFullPaths=true",
|
||||||
|
"/restore"
|
||||||
],
|
],
|
||||||
"options": {
|
"options": {
|
||||||
"env": {
|
"env": {
|
||||||
|
@ -3,6 +3,8 @@ using System.Collections.Generic;
|
|||||||
using System.IO;
|
using System.IO;
|
||||||
using System.IO.Compression;
|
using System.IO.Compression;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
|
using Microsoft.AspNetCore.Authorization;
|
||||||
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
using Microsoft.Extensions.Logging;
|
using Microsoft.Extensions.Logging;
|
||||||
using NuGet.Packaging;
|
using NuGet.Packaging;
|
||||||
@ -12,21 +14,29 @@ namespace nuget_host.Controllers
|
|||||||
public class PackagesController : Controller
|
public class PackagesController : Controller
|
||||||
{
|
{
|
||||||
private ILogger<PackagesController> logger;
|
private ILogger<PackagesController> logger;
|
||||||
|
private IDataProtector protector;
|
||||||
|
|
||||||
public PackagesController(ILoggerFactory loggerFactory)
|
public PackagesController(ILoggerFactory loggerFactory, IDataProtectionProvider provider)
|
||||||
{
|
{
|
||||||
logger = loggerFactory.CreateLogger<PackagesController>();
|
logger = loggerFactory.CreateLogger<PackagesController>();
|
||||||
|
protector = provider.CreateProtector("Packages.v1");
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPut("packages/{*spec}")]
|
[HttpPut("packages/{*spec}")]
|
||||||
public IActionResult Put(string spec)
|
public IActionResult Put(string spec)
|
||||||
{
|
{
|
||||||
string path = null;
|
string path = null;
|
||||||
|
|
||||||
if (string.IsNullOrEmpty(spec))
|
if (string.IsNullOrEmpty(spec))
|
||||||
{
|
{
|
||||||
var clientVersionId = Request.Headers["X-NuGet-Client-Version"];
|
var clientVersionId = Request.Headers["X-NuGet-Client-Version"];
|
||||||
|
var apiKey = Request.Headers["X-NuGet-ApiKey"];
|
||||||
ViewData["nuget client "] = "nuget {clientVersionId}";
|
ViewData["nuget client "] = "nuget {clientVersionId}";
|
||||||
|
|
||||||
|
var clearkey = protector.Unprotect(apiKey);
|
||||||
|
if (clearkey!= Startup.RootApiKeySecret)
|
||||||
|
return Unauthorized();
|
||||||
|
|
||||||
foreach (var file in Request.Form.Files)
|
foreach (var file in Request.Form.Files)
|
||||||
{
|
{
|
||||||
string initpath = "package.nupkg";
|
string initpath = "package.nupkg";
|
||||||
@ -109,5 +119,12 @@ namespace nuget_host.Controllers
|
|||||||
}
|
}
|
||||||
return Ok(ViewData);
|
return Ok(ViewData);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
[Authorize]
|
||||||
|
[HttpGet("api/get-key/{*apikey}")]
|
||||||
|
public IActionResult GetApiKey(string apiKey)
|
||||||
|
{
|
||||||
|
return Ok(protector.Protect(apiKey));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
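Review bot: In `Put`, `protector.Unprotect(apiKey)` is called on the raw `X-NuGet-ApiKey` header with no validation, so a request without the header (the `StringValues` converts to a null string) or with a value this protector did not produce will throw before it can reach `return Unauthorized();`. Unless exception handling elsewhere maps that, callers would likely see a 500 for what is an authentication failure; catch the failure and return 401 as in the excerpt below, which needs `using System.Security.Cryptography;`. The key check also sits inside the `if (string.IsNullOrEmpty(spec))` branch and `Put` continues outside this hunk, so confirm that no upload path skips it. Separately, `GetApiKey` takes the clear key in the URL path, where it is likely to end up in request logs; accepting it in a POST body would avoid that.

```csharp
var apiKey = Request.Headers["X-NuGet-ApiKey"];
// … unchanged: ViewData assignment …
if (string.IsNullOrEmpty(apiKey))
    return Unauthorized();

string clearkey;
try
{
    clearkey = protector.Unprotect(apiKey);
}
catch (CryptographicException)
{
    // Payload was not issued by this protector (tampered, truncated, or unknown key).
    return Unauthorized();
}
if (clearkey != Startup.RootApiKeySecret)
    return Unauthorized();
```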
20
Startup.cs
20
Startup.cs
@ -2,7 +2,9 @@
|
|||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
using Microsoft.Extensions.Configuration;
|
using Microsoft.Extensions.Configuration;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
@ -11,7 +13,7 @@ namespace nuget_host
|
|||||||
{
|
{
|
||||||
public class Startup
|
public class Startup
|
||||||
{
|
{
|
||||||
public Startup(IHostingEnvironment env, IConfiguration config)
|
public Startup(IConfiguration config)
|
||||||
{
|
{
|
||||||
Configuration = config;
|
Configuration = config;
|
||||||
}
|
}
|
||||||
@ -19,11 +21,26 @@ namespace nuget_host
|
|||||||
public IConfiguration Configuration { get; }
|
public IConfiguration Configuration { get; }
|
||||||
public static string ExternalUrl { get; private set; }
|
public static string ExternalUrl { get; private set; }
|
||||||
public static string SourceDir { get; private set; }
|
public static string SourceDir { get; private set; }
|
||||||
|
public static string RootApiKeySecret { get; private set; }
|
||||||
|
|
||||||
// This method gets called by the runtime. Use this method to add services to the container.
|
// This method gets called by the runtime. Use this method to add services to the container.
|
||||||
public void ConfigureServices(IServiceCollection services)
|
public void ConfigureServices(IServiceCollection services)
|
||||||
{
|
{
|
||||||
|
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
||||||
|
.AddJwtBearer(options =>
|
||||||
|
{
|
||||||
|
// base-address of your identityserver
|
||||||
|
options.Authority = ExternalUrl;
|
||||||
|
|
||||||
|
// if you are using API resources, you can specify the name here
|
||||||
|
options.Audience = "packages";
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
services.AddMvc();
|
services.AddMvc();
|
||||||
|
|
||||||
|
services.AddDataProtection();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
|
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
|
||||||
@ -40,6 +57,7 @@ namespace nuget_host
|
|||||||
|
|
||||||
ExternalUrl = Configuration["NuGet:ExternalUrl"];
|
ExternalUrl = Configuration["NuGet:ExternalUrl"];
|
||||||
SourceDir = Configuration["NuGet:SourceDir"];
|
SourceDir = Configuration["NuGet:SourceDir"];
|
||||||
|
RootApiKeySecret = Configuration["RootApiKeySecret"];
|
||||||
|
|
||||||
app.UseStaticFiles();
|
app.UseStaticFiles();
|
||||||
|
|
||||||
|
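Review bot: Nothing in these hunks adds `app.UseAuthentication();` to `Configure`, and without it the `[Authorize]` attribute this commit puts on `GetApiKey` would likely have no authenticated user to evaluate, leaving the JWT bearer registration in `ConfigureServices` unused. `Configure` continues outside the hunk, so if the call is not already there, add `app.UseAuthentication();` before the MVC middleware. Also, `options.Authority = ExternalUrl;` reads a static that is only assigned in `Configure`; reading `Configuration["NuGet:ExternalUrl"]` directly in the lambda removes that ordering dependency. `services.AddDataProtection()` is left at its defaults, so confirm that the key ring is persisted somewhere that survives restarts, otherwise previously issued protected keys stop unprotecting.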
@ -2,5 +2,6 @@
|
|||||||
"NuGet": {
|
"NuGet": {
|
||||||
"ExternalUrl" : "<http://localhost:5000/Packages",
|
"ExternalUrl" : "<http://localhost:5000/Packages",
|
||||||
"SourceDir" : "packages"
|
"SourceDir" : "packages"
|
||||||
}
|
},
|
||||||
|
"RootApiKeySecret": "secret-key"
|
||||||
}
|
}
|
||||||
|
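Review bot: `"RootApiKeySecret": "secret-key"` commits a working default for the secret that `Put` compares against, so any deployment that keeps this file unchanged has a guessable root key. Consider leaving the value out of the checked-in settings and supplying it through user secrets or an environment variable, and have startup fail when it is empty. The file name is not visible on this page, so this applies only if the file is one that ships with the application.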
@ -1,4 +1,5 @@
|
|||||||
{
|
{
|
||||||
|
"RootApiKeySecret": "<your-root-api-clear-key>",
|
||||||
"NuGet": {
|
"NuGet": {
|
||||||
"ExternalUrl" : "<http://your-external.url",
|
"ExternalUrl" : "<http://your-external.url",
|
||||||
"SourceDir" : "<your-Source-dir>"
|
"SourceDir" : "<your-Source-dir>"
|
||||||
|
@ -10,7 +10,7 @@
|
|||||||
<PackageReference Include="Microsoft.AspNetCore.SignalR.Common" Version="1.0.0-alpha2-final" />
|
<PackageReference Include="Microsoft.AspNetCore.SignalR.Common" Version="1.0.0-alpha2-final" />
|
||||||
|
|
||||||
<PackageReference Include="NuGet.Packaging.Core" Version="5.9.0" />
|
<PackageReference Include="NuGet.Packaging.Core" Version="5.9.0" />
|
||||||
|
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="2.2.0" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|