added method to create new s3 keys for users

2023-02-28 11:16:19 +01:00 · 2023-02-28 11:16:19 +01:00 · 45e12b0318
parent 3795385ccb
commit 45e12b0318
2 changed files with 20 additions and 14 deletions
--- a/csharp/App/Backend/Database/User.cs
+++ b/csharp/App/Backend/Database/User.cs
@ -1,6 +1,9 @@
+using System.Diagnostics.CodeAnalysis;
 using System.Net.Mail;
 using System.Security.Cryptography;
 using System.Text;
+using System.Text.Json;
+using System.Text.Json.Nodes;
 using Flurl.Http;
 using Innovenergy.Backend.Model;
 using Innovenergy.Backend.Utils;
@ -56,38 +59,41 @@ public partial class Db
        return Create(user);
    }

+    [UnconditionalSuppressMessage("Trimming", "IL2026:Members annotated with 'RequiresUnreferencedCodeAttribute' require dynamic access otherwise can break functionality when trimming application code", Justification = "<Pending>")]
    public Object CreateAndSaveUserS3ApiKey(User user)
    {
        //EXOSCALE API URL
        const String url = "https://api-ch-dk-2.exoscale.com/v2/access-key";
        const String secret = "S2K1okphiCSNK4mzqr4swguFzngWAMb1OoSlZsJa9F0";
        const String apiKey = "EXOb98ec9008e3ec16e19d7b593";
-        var payload = new
-        {
-            name = user.Email,
-            operations = new List<String> { "getObject", "listBucket" },
-            content = new List<Object> { }
-        };

-        var installationIdList = User2Installation
+        var installationList = User2Installation
            .Where(i => i.UserId == user.Id)
            .SelectMany(i => Installations.Where(f => i.InstallationId == f.Id))
            .ToList();

-        foreach (var installation in installationIdList)
+       
+        var instList = new JsonArray();
+        
+        foreach (var installation in installationList)
        {
-            payload.content.Add(new { domain = "sos", resource_type = "bucket", resource_name = installation.Name }); //TODO CHANGE NAME TO S3BUCKET
+            instList.Add(new JsonObject {["domain"] = "sos",["resource-name"] = installation.Name,["resource-type"] = "bucket"});
        }
        
+        var jsonPayload = new JsonObject { ["name"] = user.Email, ["operations"] = new JsonArray{ "getObject", "listBucket" }, ["content"] = instList};
+        var expiration = DateTime.Now.AddHours(24);
+        
+        var signature = $"POST /v2/access-key\n{jsonPayload}\n\n\n{expiration}";
        using var hmacSha1 = new HMACSHA1(Encoding.UTF8.GetBytes(secret));
-        var signature = Encoding.UTF8
-            .GetBytes(payload.ToString())
+        
+        signature = Encoding.UTF8
+            .GetBytes(signature)
            .Apply(hmacSha1.ComputeHash)
            .Apply(Convert.ToBase64String);

        var keyJson = url
-            .WithHeader("Authorization", $"POST {apiKey};{signature}")
-            .PostJsonAsync(payload)
+            .WithHeader("Authorization", $"EXO2-HMAC-SHA256 credential={apiKey},expires={((DateTimeOffset)expiration).ToUnixTimeSeconds()},signature={signature}")
+            .PostJsonAsync(jsonPayload.ToString())
            .ReceiveJson()
            .Result;

--- a/csharp/App/Backend/db.sqlite
+++ b/csharp/App/Backend/db.sqlite