From 7e66a609b5f5490ccc4c27e8a345c766ab015e70 Mon Sep 17 00:00:00 2001
From: Robert Marshall <rob@robware.uk>
Date: Sun, 9 May 2021 07:48:11 +0100
Subject: [PATCH] Require API key

---
 .drone.yml                                            | 6 ++++++
 clean-config.sh                                       | 2 ++
 src/Robware.Api.Projects/Robware.Api.Projects.csproj  | 4 ++++
 src/Robware.Api.Projects/Startup.cs                   | 7 +++++--
 src/Robware.Api.Projects/appsettings.Development.json | 4 +++-
 src/Robware.Api.Projects/appsettings.json             | 4 +++-
 src/nuget.config                                      | 6 ++++++
 7 files changed, 29 insertions(+), 4 deletions(-)
 create mode 100644 src/nuget.config

diff --git a/.drone.yml b/.drone.yml
index 2cbd438..cf28bdf 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -20,11 +20,17 @@ steps:
       from_secret: GitApiEndpoint
     GitApiToken:
       from_secret: GitApiToken
+    AuthEndpoint:
+      from_secret: AuthEndpoint
+    AuthApiKey:
+      from_secret: AuthApiKey
   commands:
   - chmod +x ./build.sh
   - ./build.sh
   - sed -i "s/<GitApiEndpoint>/$GitApiEndpoint/g" output/appsettings.json
   - sed -i "s/<GitApiToken>/$GitApiToken/g" output/appsettings.json
+  - sed -i "s/<AuthEndpoint>/$AuthEndpoint/g" output/appsettings.json
+  - sed -i "s/<AuthApiKey>/$AuthApiKey/g" output/appsettings.json
   - cp api.projects.service output/
   - cp -r ./output/* /output
 - name: restart service
diff --git a/clean-config.sh b/clean-config.sh
index f957583..ae04441 100644
--- a/clean-config.sh
+++ b/clean-config.sh
@@ -3,4 +3,6 @@
 sed \
 -e 's/"gitApiEndpoint": ".*"/"gitApiEndpoint": ""/g' \
 -e 's/"gitApiToken": ".*"/"gitApiToken": ""/g' \
+-e 's/"authEndpoint": ".*"/"authEndpoint": ""/g' \
+-e 's/"authApiKey": ".*"/"authApiKey": ""/g' \
 $1
\ No newline at end of file
diff --git a/src/Robware.Api.Projects/Robware.Api.Projects.csproj b/src/Robware.Api.Projects/Robware.Api.Projects.csproj
index 2ba55a3..816814a 100644
--- a/src/Robware.Api.Projects/Robware.Api.Projects.csproj
+++ b/src/Robware.Api.Projects/Robware.Api.Projects.csproj
@@ -9,5 +9,9 @@
     <ProjectReference Include="..\Robware.Projects\Robware.Projects.csproj" />
   </ItemGroup>
 
+  <ItemGroup>
+    <PackageReference Include="Robware.Lib.Auth.ApiKey" Version="1.1.0" />
+  </ItemGroup>
+
 
 </Project>
diff --git a/src/Robware.Api.Projects/Startup.cs b/src/Robware.Api.Projects/Startup.cs
index fdfd22a..6a06f56 100644
--- a/src/Robware.Api.Projects/Startup.cs
+++ b/src/Robware.Api.Projects/Startup.cs
@@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
+using Robware.Lib.Auth.ApiKey;
 using Robware.Projects.Code;
 using Robware.Projects.Gogs;
 
@@ -24,6 +25,8 @@ namespace Robware.Api.Projects {
 				        client.DefaultRequestHeaders.Add("Authorization", $"token {Configuration["gitApiToken"]}");
 			        })
 			        .ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler {ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true});
+
+			services.AddApiKeyAuthentication(Configuration["authEndpoint"], Configuration["authApiKey"]);
 		}
 
 		// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -35,11 +38,11 @@ namespace Robware.Api.Projects {
 			app.UseHttpsRedirection();
 
 			app.UseRouting();
-
+			app.UseAuthentication();
 			app.UseAuthorization();
 
 			app.UseEndpoints(endpoints => {
-				endpoints.MapControllers();
+				endpoints.MapControllers().RequireAuthorization();
 			});
 		}
 	}
diff --git a/src/Robware.Api.Projects/appsettings.Development.json b/src/Robware.Api.Projects/appsettings.Development.json
index 26b09f2..21962f4 100644
--- a/src/Robware.Api.Projects/appsettings.Development.json
+++ b/src/Robware.Api.Projects/appsettings.Development.json
@@ -7,5 +7,7 @@
 		}
 	},
 	"gitApiEndpoint": "",
-	"gitApiToken": ""
+	"gitApiToken": "",
+	"authEndpoint": "",
+	"authApiKey": ""
 }
diff --git a/src/Robware.Api.Projects/appsettings.json b/src/Robware.Api.Projects/appsettings.json
index 7c18631..268ef3e 100644
--- a/src/Robware.Api.Projects/appsettings.json
+++ b/src/Robware.Api.Projects/appsettings.json
@@ -15,5 +15,7 @@
 	},
 	"AllowedHosts": "*",
 	"gitApiEndpoint": "<GitApiEndpoint>",
-	"gitApiToken": "<GitApiToken>"
+	"gitApiToken": "<GitApiToken>",
+	"authEndpoint": "<AuthEndpoint>",
+	"authApiKey": "<AuthApiKey>"
 }
diff --git a/src/nuget.config b/src/nuget.config
new file mode 100644
index 0000000..7fc97f3
--- /dev/null
+++ b/src/nuget.config
@@ -0,0 +1,6 @@
+<configuration>
+	<packageSources>
+		<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
+		<add key="Robware" value="https://nuget.robware.uk/v3/index.json" />
+	</packageSources>
+</configuration>