< Summary

Information
Class: Elsa.Diagnostics.OpenTelemetry.Ingestion.OtlpIngestionSecurity
Assembly: Elsa.Diagnostics.OpenTelemetry
File(s): /home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Diagnostics.OpenTelemetry/Ingestion/OtlpIngestionSecurity.cs
Line coverage
100%
Covered lines: 16
Uncovered lines: 0
Coverable lines: 16
Total lines: 44
Line coverage: 100%
Branch coverage
75%
Covered branches: 6
Total branches: 8
Branch coverage: 75%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
IsAuthorized(...)66.66%66100%
IsLoopback(...)100%22100%
ApiKeysMatch(...)100%11100%

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Diagnostics.OpenTelemetry/Ingestion/OtlpIngestionSecurity.cs

#LineLine coverage
 1using System.Net;
 2using System.Security.Cryptography;
 3using System.Text;
 4using Elsa.Diagnostics.OpenTelemetry.Options;
 5using Microsoft.AspNetCore.Http;
 6
 7namespace Elsa.Diagnostics.OpenTelemetry.Ingestion;
 8
 9public static class OtlpIngestionSecurity
 10{
 11    public static bool IsAuthorized(HttpContext httpContext, OpenTelemetryDiagnosticsOptions options)
 12    {
 1113        if (string.IsNullOrWhiteSpace(options.ApiKey))
 814            return options.AllowUnauthenticatedLoopback && IsLoopback(httpContext);
 15
 316        return httpContext.Request.Headers.TryGetValue(options.ApiKeyHeaderName, out var value) && ApiKeysMatch(value.To
 17    }
 18
 19    private static bool IsLoopback(HttpContext httpContext)
 20    {
 821        var remoteAddress = httpContext.Connection.RemoteIpAddress;
 822        return remoteAddress != null && IPAddress.IsLoopback(remoteAddress);
 23    }
 24
 25    private static bool ApiKeysMatch(string providedApiKey, string expectedApiKey)
 26    {
 327        var providedBytes = Encoding.UTF8.GetBytes(providedApiKey);
 328        var expectedBytes = Encoding.UTF8.GetBytes(expectedApiKey);
 329        var providedHash = SHA256.HashData(providedBytes);
 330        var expectedHash = SHA256.HashData(expectedBytes);
 31
 32        try
 33        {
 334            return CryptographicOperations.FixedTimeEquals(providedHash, expectedHash);
 35        }
 36        finally
 37        {
 338            CryptographicOperations.ZeroMemory(providedBytes);
 339            CryptographicOperations.ZeroMemory(expectedBytes);
 340            CryptographicOperations.ZeroMemory(providedHash);
 341            CryptographicOperations.ZeroMemory(expectedHash);
 342        }
 343    }
 44}
Generated by: ReportGenerator 5.5.10.0
05/31/2026 - 13:48:38
GitHub | reportgenerator.io

Methods/Properties

IsAuthorized(Microsoft.AspNetCore.Http.HttpContext,Elsa.Diagnostics.OpenTelemetry.Options.OpenTelemetryDiagnosticsOptions)
IsLoopback(Microsoft.AspNetCore.Http.HttpContext)
ApiKeysMatch(System.String,System.String)