Require API key

.drone.yml

@@ -20,11 +20,17 @@ steps:
       from_secret: GitApiEndpoint
     GitApiToken:
       from_secret: GitApiToken
+    AuthEndpoint:
+      from_secret: AuthEndpoint
+    AuthApiKey:
+      from_secret: AuthApiKey
   commands:
   - chmod +x ./build.sh
   - ./build.sh
   - sed -i "s/<GitApiEndpoint>/$GitApiEndpoint/g" output/appsettings.json
   - sed -i "s/<GitApiToken>/$GitApiToken/g" output/appsettings.json
+  - sed -i "s/<AuthEndpoint>/$AuthEndpoint/g" output/appsettings.json
+  - sed -i "s/<AuthApiKey>/$AuthApiKey/g" output/appsettings.json
   - cp api.projects.service output/
   - cp -r ./output/* /output
 - name: restart service

clean-config.sh

@@ -3,4 +3,6 @@
 sed \
 -e 's/"gitApiEndpoint": ".*"/"gitApiEndpoint": ""/g' \
 -e 's/"gitApiToken": ".*"/"gitApiToken": ""/g' \
+-e 's/"authEndpoint": ".*"/"authEndpoint": ""/g' \
+-e 's/"authApiKey": ".*"/"authApiKey": ""/g' \
 $1

src/Robware.Api.Projects/Robware.Api.Projects.csproj

@@ -9,5 +9,9 @@
     <ProjectReference Include="..\Robware.Projects\Robware.Projects.csproj" />
   </ItemGroup>
 
+  <ItemGroup>
+    <PackageReference Include="Robware.Lib.Auth.ApiKey" Version="1.1.0" />
+  </ItemGroup>
+
 
 </Project>

src/Robware.Api.Projects/Startup.cs

@@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
+using Robware.Lib.Auth.ApiKey;
 using Robware.Projects.Code;
 using Robware.Projects.Gogs;
 
@@ -24,6 +25,8 @@ namespace Robware.Api.Projects {
 				        client.DefaultRequestHeaders.Add("Authorization", $"token {Configuration["gitApiToken"]}");
 			        })
 			        .ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true});
+
+			services.AddApiKeyAuthentication(Configuration["authEndpoint"], Configuration["authApiKey"]);
 		}
 
 		// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -35,11 +38,11 @@ namespace Robware.Api.Projects {
 			app.UseHttpsRedirection();
 
 			app.UseRouting();
-
+			app.UseAuthentication();
 			app.UseAuthorization();
 
 			app.UseEndpoints(endpoints => {
-				endpoints.MapControllers();
+				endpoints.MapControllers().RequireAuthorization();
 			});
 		}
 	}

src/Robware.Api.Projects/appsettings.Development.json

@@ -7,5 +7,7 @@
 		}
 	},
 	"gitApiEndpoint": "",
-	"gitApiToken": ""
+	"gitApiToken": "",
+	"authEndpoint": "",
+	"authApiKey": ""
 }

src/Robware.Api.Projects/appsettings.json

@@ -15,5 +15,7 @@
 	},
 	"AllowedHosts": "*",
 	"gitApiEndpoint": "<GitApiEndpoint>",
-	"gitApiToken": "<GitApiToken>"
+	"gitApiToken": "<GitApiToken>",
+	"authEndpoint": "<AuthEndpoint>",
+	"authApiKey": "<AuthApiKey>"
 }

src/nuget.config

@@ -0,0 +1,6 @@
+<configuration>
+	<packageSources>
+		<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
+		<add key="Robware" value="https://nuget.robware.uk/v3/index.json" />
+	</packageSources>
+</configuration>