Added authorization key for cron controller
axunonb committed Jan 27, 2021
1 parent bed121b commit d1d9788
Showing 5 changed files with 82 additions and 40 deletions.
31 changes: 25 additions & 6 deletions League/Configuration/Credentials.Development.json
@@ -1,7 +1,26 @@
{
"ConnectionStrings": {
"TestOrgConnectionString": "Server=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=Path-To-File.mdf;Database=TestOrg;Integrated Security=SSPI;Connection Timeout=50;Pooling=true;MultipleActiveResultSets=true",
"OtherOrgConnectionString": "Server=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=Path-To-File.mdf;Database=OtherOrg;Integrated Security=SSPI;Connection Timeout=50;Pooling=true;MultipleActiveResultSets=true",
"AugsburgConnectionString": "Server=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=Path-To-File.mdf;Database=LeagueA_Copy;Integrated Security=SSPI;Connection Timeout=50;Pooling=true;MultipleActiveResultSets=true"
}
}
"ConnectionStrings": {
"TestOrgConnectionString": "Server=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=Path-To-File.mdf;Database=TestOrg;Integrated Security=SSPI;Connection Timeout=50;Pooling=true;MultipleActiveResultSets=true",
"OtherOrgConnectionString": "Server=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=Path-To-File.mdf;Database=OtherOrg;Integrated Security=SSPI;Connection Timeout=50;Pooling=true;MultipleActiveResultSets=true",
},
"GoogleConfiguration": {
"WebApiKey": "**enter-key-here**",
"ServiceApiKey": "**enter-key-here**",
"AnalyticsTrackingId": "**enter-key-here**"
},
"SocialLogins": {
"Facebook": {
"AppId": "**enter-key-here**",
"AppSecret": "**enter-key-here**"
},
"Google": {
"ClientId": "**enter-key-here**",
"ClientSecret": "**enter-key-here**"
},
"Microsoft": {
"ClientId": "**enter-key-here**",
"ClientSecret": "**enter-key-here**"
}
},
"ScheduledTaskKey": "**app-internal-key**"
}
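Review bot: The new `ConnectionStrings` object appears to end with a trailing comma, because the `"OtherOrgConnectionString": "...",` line is now followed directly by `},` once the Augsburg entry is gone. The configuration loader may tolerate that, but strict JSON tooling (linters, secret scanners, deployment scripts that parse this template) will reject the file, so I would drop the comma after the last connection string.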
26 changes: 23 additions & 3 deletions League/Configuration/Credentials.Production.json
@@ -1,5 +1,25 @@
{
"ConnectionStrings": {
"leagueConnectionString": "Server=127.0.0.1;User Id=user;Password=password;Integrated Security=false;Connection Timeout=15;Pooling=true;MultipleActiveResultSets=true"
}
"ConnectionStrings": {
"leagueConnectionString": "Server=127.0.0.1;User Id=user;Password=password;Integrated Security=false;Connection Timeout=15;Pooling=true;MultipleActiveResultSets=true"
},
"GoogleConfiguration": {
"WebApiKey": "**enter-key-here**",
"ServiceApiKey": "**enter-key-here**",
"AnalyticsTrackingId": "**enter-key-here**"
},
"SocialLogins": {
"Facebook": {
"AppId": "**enter-key-here**",
"AppSecret": "**enter-key-here**"
},
"Google": {
"ClientId": "**enter-key-here**",
"ClientSecret": "**enter-key-here**"
},
"Microsoft": {
"ClientId": "**enter-key-here**",
"ClientSecret": "**enter-key-here**"
}
},
"ScheduledTaskKey": "**app-internal-key**"
}
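--- a/League/Configuration/Credentials.json
+++ b/League/Configuration/Credentials.json
@@ -1,21 +1 @@
-{
-"GoogleConfiguration": {
-"WebApiKey": "**enter-key-here**",
-"ServiceApiKey": "**enter-key-here**",
-"AnalyticsTrackingId": "**enter-key-here**"
-},
-"SocialLogins": {
-"Facebook": {
-"AppId": "**enter-key-here**",
-"AppSecret": "**enter-key-here**"
-},
-"Google": {
-"ClientId": "**enter-key-here**",
-"ClientSecret": "**enter-key-here**"
-},
-"Microsoft": {
-"ClientId": "**enter-key-here**",
-"ClientSecret": "**enter-key-here**"
-}
-}
-}
+{}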
39 changes: 31 additions & 8 deletions League/Controllers/Cron.cs
Expand Up @@ -9,6 +9,7 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Caching.Memory;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;
using TournamentManager.MultiTenancy;

Expand All @@ -19,7 +20,7 @@ public class Cron : AbstractController
{
private readonly ITenantContext _tenantContext;
private readonly IAuthorizationService _authorizationService;
private readonly Axuno.Tools.DateAndTime.TimeZoneConverter _timeZoneConverter;
private readonly IConfiguration _configuration;
private readonly ILogger<Cron> _logger;
private readonly Axuno.BackgroundTask.IBackgroundQueue _queue;
private readonly SendEmailTask _sendMailTask;
Expand All @@ -28,22 +29,24 @@ public class Cron : AbstractController
private const int DoNotExecute = 0; // zero would mean a notification on the match day

public Cron(TenantStore tenantStore, ITenantContext tenantContext, IAuthorizationService authorizationService,
Axuno.Tools.DateAndTime.TimeZoneConverter timeZoneConverter, Axuno.BackgroundTask.IBackgroundQueue queue,
IConfiguration configuration, Axuno.BackgroundTask.IBackgroundQueue queue,
SendEmailTask sendMailTask, IMemoryCache cache, ILogger<Cron> logger)
{
_tenantContext = tenantContext;
_authorizationService = authorizationService;
_timeZoneConverter = timeZoneConverter;
_configuration = configuration;
_queue = queue;
_sendMailTask = sendMailTask;
_tenantStore = tenantStore;
_cache = cache;
_logger = logger;
}

[HttpGet("/cron/automail/all")]
public async Task<ContentResult> RunAll()
[HttpGet("/cron/automail/all/{key}")]
public async Task<IActionResult> RunAll(string key)
{
if(!IsAuthorized(key)) return StatusCode(Microsoft.AspNetCore.Http.StatusCodes.Status401Unauthorized, "Incorrect authorization key");

var urlSegments = new List<string>();
foreach (var (_, tenant) in _tenantStore.GetTenants())
{
Expand Down Expand Up @@ -81,9 +84,11 @@ public async Task<ContentResult> RunAll()
}


[HttpGet("{organization:MatchingTenant}/cron/automail/{datetime?}")]
public ContentResult AutoMail(string? datetime)
[HttpGet("{organization:MatchingTenant}/cron/automail/{key}/{datetime?}")]
public IActionResult AutoMail(string key, string? datetime)
{
if(!IsAuthorized(key)) return StatusCode(Microsoft.AspNetCore.Http.StatusCodes.Status401Unauthorized, "Incorrect authorization key");

var forceDate = datetime?.EndsWith("!") ?? false;

if (datetime == null || !DateTime.TryParse(datetime.TrimEnd('!'), out var cronDateTime))
Expand Down Expand Up @@ -192,7 +197,7 @@ private async Task<ValueTuple<bool, string>> InvokeUrl(string urlSegmentValue)
try
{
url = Url.Action(nameof(AutoMail), nameof(Cron),
new {organization = urlSegmentValue}, Uri.UriSchemeHttps);
new {organization = urlSegmentValue, key = GetAuthKey() }, Uri.UriSchemeHttps);

await httpClient.GetAsync(url);
}
Expand All @@ -205,5 +210,23 @@ private async Task<ValueTuple<bool, string>> InvokeUrl(string urlSegmentValue)
_logger.LogInformation("Get request for {0} completed.", url);
return (true, url);
}

private bool IsAuthorized(string key)
{
if (key == GetAuthKey())
{
_logger.LogInformation("Scheduled task was authorized");
return true;
}
_logger.LogInformation("Scheduled task could not be authorized");
return false;
}

private string GetAuthKey()
{
var key = _configuration.GetSection("ScheduledTaskKey").Value;
if (string.IsNullOrWhiteSpace(key)) _logger.LogCritical("ScheduledTaskKey is null or whitespace");
return key;
}
}
}
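Review bot: `IsAuthorized` compares the caller's key with `key == GetAuthKey()` while `GetAuthKey` only logs when `ScheduledTaskKey` is missing, so the check is not constant-time, does not explicitly fail closed, and will accept the `**app-internal-key**` placeholder from the Credentials templates if a deployment never replaces it. I would reject an empty or placeholder configured key up front and compare the two values with `CryptographicOperations.FixedTimeEquals`, as sketched below. Separately, the key now travels in the URL path, so `_logger.LogInformation("Get request for {0} completed.", url)` in `InvokeUrl` writes it to the application log, and web-server or proxy access logs will probably record it too; sending it in a request header and logging the URL without the key would avoid that. `InvokeUrl` and both action bodies continue outside the visible hunks.

```csharp
private bool IsAuthorized(string key)
{
    var expected = GetAuthKey();

    // Fail closed: an unset or template key must never authorize a request.
    if (string.IsNullOrWhiteSpace(expected) || expected == "**app-internal-key**" || string.IsNullOrEmpty(key))
    {
        _logger.LogInformation("Scheduled task could not be authorized");
        return false;
    }

    // Fixed-time comparison, so response timing does not reveal how much of the key matched.
    var authorized = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
        System.Text.Encoding.UTF8.GetBytes(key),
        System.Text.Encoding.UTF8.GetBytes(expected));

    _logger.LogInformation(authorized
        ? "Scheduled task was authorized"
        : "Scheduled task could not be authorized");
    return authorized;
}
```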
4 changes: 2 additions & 2 deletions League/League.csproj
Expand Up @@ -6,8 +6,8 @@
<RootNamespace>League</RootNamespace>
<UserSecretsId>ceea2bf6-8147-49b9-be85-26fca01f9ed3</UserSecretsId>
<NeutralLanguage></NeutralLanguage>
<Version>4.5.0</Version>
<AssemblyVersion>4.5.0.0</AssemblyVersion>
<Version>4.5.1</Version>
<AssemblyVersion>4.5.1.0</AssemblyVersion>
<PackageId>Volleyball-League</PackageId>
<Authors>axuno gGmbH</Authors>
<Product>Volleyball-League</Product>