< Summary

Information

Class:	Elsa.Secrets.Services.DefaultSecretManager
Assembly:	Elsa.Secrets
File(s):	/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Secrets/Services/DefaultSecretManager.cs

Line coverage

90%

Covered lines:	141
Uncovered lines:	15
Coverable lines:	156
Total lines:	267
Line coverage:	90.3%

Branch coverage

80%

Covered branches:	55
Total branches:	68
Branch coverage:	80.8%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.ctor(...)	100%	1	1	100%
CreateAsync()	100%	2	2	100%
GetAsync()	75%	4	4	100%
ListAsync()	100%	1	1	100%
ListPageAsync()	75%	8	8	100%
CountAsync()	100%	1	1	100%
RotateAsync()	87.5%	8	8	100%
RevokeAsync()	75%	4	4	88.88%
DeleteAsync()	50%	2	2	88.88%
TestAsync()	50%	2	2	60%
ResolvePayloadAsync()	100%	2	1	0%
ResolvePayloadAsync()	50%	4	4	85.71%
CreateSecretAsync()	83.33%	6	6	95.45%
GetExistingAsync()	100%	2	2	100%
GetLatestActiveVersion(...)	75%	4	4	100%
ValidateName(...)	100%	2	2	100%
EnsureCanWrite(...)	50%	2	2	66.66%
ApplyFilters(...)	93.75%	16	16	100%
GetFilterValues(...)	75%	4	4	83.33%
CreatePayload(...)	100%	2	2	100%
CreatePayload(...)	100%	2	2	100%

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Secrets/Services/DefaultSecretManager.cs

#	Line	Line coverage
	`1`	`namespace Elsa.Secrets.Services;`
	`2`
31	`3`	`public class DefaultSecretManager(ISecretNameValidator nameValidator, ISecretStoreRegistry storeRegistry, ISecretTypeReg`
	`4`	`{`
	`5`	`public async Task<Secret> CreateAsync(CreateSecretRequest request, CancellationToken cancellationToken = default)`
	`6`	`{`
37	`7`	`ValidateName(request.Name);`
33	`8`	`var secret = await CreateSecretAsync(request, cancellationToken);`
28	`9`	`if (!await repository.TryAddOrReplaceDeletedAsync(secret, cancellationToken))`
2	`10`	`throw new InvalidOperationException($"A secret named '{request.Name}' already exists.");`
	`11`
26	`12`	`return secret;`
26	`13`	`}`
	`14`
	`15`	`public async Task<Secret?> GetAsync(string name, CancellationToken cancellationToken = default)`
	`16`	`{`
23	`17`	`var secret = await repository.GetAsync(nameValidator.Normalize(name), cancellationToken);`
23	`18`	`return secret is { Status: SecretStatus.Deleted } ? null : secret;`
23	`19`	`}`
	`20`
	`21`	`public async Task<IReadOnlyCollection<Secret>> ListAsync(ListSecretsRequest request, CancellationToken cancellationT`
	`22`	`{`
1	`23`	`return (await ListPageAsync(request, cancellationToken)).Items;`
1	`24`	`}`
	`25`
	`26`	`public async Task<ListSecretsResult> ListPageAsync(ListSecretsRequest request, CancellationToken cancellationToken =`
	`27`	`{`
2	`28`	`var secrets = await repository.ListAsync(cancellationToken);`
2	`29`	`var query = ApplyFilters(secrets, request);`
2	`30`	`var totalCount = query.LongCount();`
	`31`
2	`32`	`var pageSize = request.PageSize is > 0 ? Math.Min(request.PageSize.Value, 200) : 100;`
2	`33`	`var page = request.Page is > 0 ? request.Page.Value : 0;`
	`34`
2	`35`	`var items = query`
5	`36`	`.OrderBy(x => x.Name)`
2	`37`	`.Skip(page * pageSize)`
2	`38`	`.Take(pageSize)`
2	`39`	`.ToList();`
	`40`
2	`41`	`return new ListSecretsResult { Items = items, TotalCount = totalCount };`
2	`42`	`}`
	`43`
	`44`	`public async Task<long> CountAsync(ListSecretsRequest request, CancellationToken cancellationToken = default)`
	`45`	`{`
1	`46`	`var secrets = await repository.ListAsync(cancellationToken);`
1	`47`	`return ApplyFilters(secrets, request).LongCount();`
1	`48`	`}`
	`49`
	`50`	`public async Task<Secret> RotateAsync(string name, RotateSecretRequest request, CancellationToken cancellationToken`
	`51`	`{`
5	`52`	`var secret = await GetExistingAsync(name, cancellationToken);`
5	`53`	`if (secret.Status == SecretStatus.Revoked)`
1	`54`	`throw new InvalidOperationException($"Secret '{secret.Name}' is revoked and cannot be rotated.");`
	`55`
4	`56`	`var provider = typeRegistry.Get(secret.TypeName);`
4	`57`	`if (!provider.ValidateRotation(request, secret.StoreName, out var error))`
1	`58`	`throw new InvalidOperationException(error);`
	`59`
3	`60`	`var store = storeRegistry.Get(secret.StoreName);`
3	`61`	`EnsureCanWrite(store);`
6	`62`	`var nextVersion = secret.Versions.Count == 0 ? 1 : secret.Versions.Max(x => x.Version) + 1;`
3	`63`	`var version = new SecretVersion { Version = nextVersion, ExpiresAt = request.ExpiresAt };`
3	`64`	`version.Payload = await store.WriteAsync(secret, version, CreatePayload(request), cancellationToken);`
	`65`
15	`66`	`foreach (var activeVersion in secret.Versions.Where(x => x.Status == SecretStatus.Active))`
3	`67`	`activeVersion.Status = SecretStatus.Retired;`
	`68`
3	`69`	`secret.Versions.Add(version);`
3	`70`	`secret.Status = SecretStatus.Active;`
3	`71`	`secret.UpdatedAt = DateTimeOffset.UtcNow;`
3	`72`	`await repository.SaveAsync(secret, cancellationToken);`
	`73`
3	`74`	`return secret;`
3	`75`	`}`
	`76`
	`77`	`public async Task<Secret?> RevokeAsync(string name, CancellationToken cancellationToken = default)`
	`78`	`{`
3	`79`	`var secret = await GetAsync(name, cancellationToken);`
3	`80`	`if (secret == null)`
0	`81`	`return null;`
	`82`
3	`83`	`secret.Status = SecretStatus.Revoked;`
3	`84`	`secret.UpdatedAt = DateTimeOffset.UtcNow;`
15	`85`	`foreach (var version in secret.Versions.Where(x => x.Status == SecretStatus.Active))`
3	`86`	`version.Status = SecretStatus.Revoked;`
	`87`
3	`88`	`await repository.SaveAsync(secret, cancellationToken);`
3	`89`	`return secret;`
3	`90`	`}`
	`91`
	`92`	`public async Task<bool> DeleteAsync(string name, CancellationToken cancellationToken = default)`
	`93`	`{`
3	`94`	`var secret = await GetAsync(name, cancellationToken);`
3	`95`	`if (secret == null)`
0	`96`	`return false;`
	`97`
3	`98`	`await storeRegistry.Get(secret.StoreName).DeleteAsync(secret, cancellationToken);`
3	`99`	`secret.Status = SecretStatus.Deleted;`
3	`100`	`secret.UpdatedAt = DateTimeOffset.UtcNow;`
3	`101`	`await repository.SaveAsync(secret, cancellationToken);`
3	`102`	`return true;`
3	`103`	`}`
	`104`
	`105`	`public async Task<SecretTestResponse> TestAsync(string name, CancellationToken cancellationToken = default)`
	`106`	`{`
	`107`	`try`
	`108`	`{`
3	`109`	`var secret = await GetExistingAsync(name, cancellationToken);`
2	`110`	`var version = GetLatestActiveVersion(secret);`
2	`111`	`var succeeded = await storeRegistry.Get(secret.StoreName).TestAsync(secret, version, cancellationToken);`
1	`112`	`return new SecretTestResponse { Succeeded = succeeded, Error = succeeded ? null : "Secret value is unavailab`
	`113`	`}`
0	`114`	`catch (InvalidOperationException e)`
	`115`	`{`
0	`116`	`return new SecretTestResponse { Succeeded = false, Error = e.Message };`
	`117`	`}`
1	`118`	`catch (KeyNotFoundException e)`
	`119`	`{`
1	`120`	`return new SecretTestResponse { Succeeded = false, Error = e.Message };`
	`121`	`}`
0	`122`	`catch (ArgumentException e)`
	`123`	`{`
0	`124`	`return new SecretTestResponse { Succeeded = false, Error = e.Message };`
	`125`	`}`
0	`126`	`catch (System.Security.Cryptography.CryptographicException e)`
	`127`	`{`
0	`128`	`return new SecretTestResponse { Succeeded = false, Error = e.Message };`
	`129`	`}`
1	`130`	`catch (FormatException e)`
	`131`	`{`
1	`132`	`return new SecretTestResponse { Succeeded = false, Error = e.Message };`
	`133`	`}`
3	`134`	`}`
	`135`
	`136`	`public async Task<SecretPayload> ResolvePayloadAsync(string name, CancellationToken cancellationToken = default)`
	`137`	`{`
0	`138`	`var secret = await GetExistingAsync(name, cancellationToken);`
0	`139`	`return await ResolvePayloadAsync(secret, cancellationToken);`
0	`140`	`}`
	`141`
	`142`	`public async Task<SecretPayload> ResolvePayloadAsync(Secret secret, CancellationToken cancellationToken = default)`
	`143`	`{`
6	`144`	`var version = GetLatestActiveVersion(secret);`
5	`145`	`var store = storeRegistry.Get(secret.StoreName);`
5	`146`	`var payload = await store.ReadAsync(secret, version, cancellationToken);`
	`147`
5	`148`	`if (payload?.Value == null)`
0	`149`	`throw new InvalidOperationException($"Secret '{secret.Name}' could not be resolved.");`
	`150`
5	`151`	`return payload;`
5	`152`	`}`
	`153`
	`154`	`private async Task<Secret> CreateSecretAsync(CreateSecretRequest request, CancellationToken cancellationToken)`
	`155`	`{`
33	`156`	`var typeProvider = typeRegistry.Get(request.TypeName);`
33	`157`	`var store = storeRegistry.Get(request.StoreName);`
33	`158`	`EnsureCanWrite(store);`
	`159`
33	`160`	`if (!typeProvider.Descriptor.SupportedStoreNames.Contains(store.Name, StringComparer.OrdinalIgnoreCase))`
0	`161`	`throw new InvalidOperationException($"Secret type '{request.TypeName}' does not support store '{request.Stor`
	`162`
33	`163`	`if (!typeProvider.Validate(request, out var error))`
5	`164`	`throw new InvalidOperationException(error);`
	`165`
28	`166`	`var secret = new Secret`
28	`167`	`{`
28	`168`	`Name = nameValidator.Normalize(request.Name),`
28	`169`	`DisplayName = string.IsNullOrWhiteSpace(request.DisplayName) ? request.Name.Trim() : request.DisplayName.Tri`
28	`170`	`Description = request.Description,`
28	`171`	`TypeName = typeProvider.Descriptor.Name,`
28	`172`	`StoreName = store.Name,`
28	`173`	`Scope = request.Scope,`
28	`174`	`Tags = request.Tags.ToHashSet(StringComparer.OrdinalIgnoreCase)`
28	`175`	`};`
	`176`
28	`177`	`var version = new SecretVersion { Version = 1, ExpiresAt = request.ExpiresAt };`
28	`178`	`version.Payload = await store.WriteAsync(secret, version, CreatePayload(request), cancellationToken);`
28	`179`	`secret.Versions.Add(version);`
	`180`
28	`181`	`return secret;`
28	`182`	`}`
	`183`
	`184`	`private async Task<Secret> GetExistingAsync(string name, CancellationToken cancellationToken)`
	`185`	`{`
8	`186`	`var secret = await GetAsync(name, cancellationToken);`
8	`187`	`return secret == null ? throw new KeyNotFoundException($"Secret '{name}' was not found.") : secret;`
7	`188`	`}`
	`189`
	`190`	`private static SecretVersion GetLatestActiveVersion(Secret secret)`
	`191`	`{`
8	`192`	`if (secret.Status != SecretStatus.Active)`
1	`193`	`throw new InvalidOperationException($"Secret '{secret.Name}' is not active.");`
	`194`
7	`195`	`return secret.LatestActiveVersion ?? throw new InvalidOperationException($"Secret '{secret.Name}' has no active`
	`196`	`}`
	`197`
	`198`	`private void ValidateName(string name)`
	`199`	`{`
37	`200`	`if (!nameValidator.IsValid(name, out var error))`
4	`201`	`throw new InvalidOperationException(error);`
33	`202`	`}`
	`203`
	`204`	`private static void EnsureCanWrite(ISecretStore store)`
	`205`	`{`
36	`206`	`if (!store.Descriptor.Capabilities.HasFlag(SecretStoreCapabilities.Write))`
0	`207`	`throw new InvalidOperationException($"Secret store '{store.Name}' does not support writing secrets.");`
36	`208`	`}`
	`209`
	`210`	`private static IEnumerable<Secret> ApplyFilters(IEnumerable<Secret> secrets, ListSecretsRequest request)`
	`211`	`{`
20	`212`	`var query = secrets.Where(x => x.Status != SecretStatus.Deleted);`
	`213`
3	`214`	`if (!string.IsNullOrWhiteSpace(request.Search))`
	`215`	`{`
1	`216`	`var search = request.Search.Trim();`
1	`217`	`query = query.Where(x =>`
9	`218`	`x.Name.Contains(search, StringComparison.OrdinalIgnoreCase) \|\|`
9	`219`	`x.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase) \|\|`
9	`220`	`(x.Description?.Contains(search, StringComparison.OrdinalIgnoreCase) ?? false));`
	`221`	`}`
	`222`
3	`223`	`var typeNames = GetFilterValues(request.TypeName, request.TypeNames);`
3	`224`	`if (typeNames.Count > 0)`
9	`225`	`query = query.Where(x => typeNames.Contains(x.TypeName));`
	`226`
3	`227`	`var storeNames = GetFilterValues(request.StoreName, request.StoreNames);`
3	`228`	`if (storeNames.Count > 0)`
9	`229`	`query = query.Where(x => storeNames.Contains(x.StoreName));`
	`230`
3	`231`	`if (!string.IsNullOrWhiteSpace(request.Scope))`
9	`232`	`query = query.Where(x => string.Equals(x.Scope, request.Scope, StringComparison.OrdinalIgnoreCase));`
	`233`
3	`234`	`if (request.Status != null)`
7	`235`	`query = query.Where(x => x.Status == request.Status);`
	`236`
3	`237`	`return query;`
	`238`	`}`
	`239`
	`240`	`private static HashSet<string> GetFilterValues(string? value, IEnumerable<string> values)`
	`241`	`{`
6	`242`	`var result = new HashSet<string>(StringComparer.OrdinalIgnoreCase);`
6	`243`	`if (!string.IsNullOrWhiteSpace(value))`
0	`244`	`result.Add(value.Trim());`
	`245`
18	`246`	`foreach (var item in values.Where(x => !string.IsNullOrWhiteSpace(x)))`
2	`247`	`result.Add(item.Trim());`
	`248`
6	`249`	`return result;`
	`250`	`}`
	`251`
	`252`	`private static SecretPayload CreatePayload(CreateSecretRequest request)`
	`253`	`{`
28	`254`	`var payload = new SecretPayload { Value = request.Value, Metadata = new Dictionary<string, string>(request.Metad`
28	`255`	`if (!string.IsNullOrWhiteSpace(request.ConfigurationKey))`
4	`256`	`payload.Metadata["configurationKey"] = request.ConfigurationKey.Trim();`
28	`257`	`return payload;`
	`258`	`}`
	`259`
	`260`	`private static SecretPayload CreatePayload(RotateSecretRequest request)`
	`261`	`{`
3	`262`	`var payload = new SecretPayload { Value = request.Value, Metadata = new Dictionary<string, string>(request.Metad`
3	`263`	`if (!string.IsNullOrWhiteSpace(request.ConfigurationKey))`
1	`264`	`payload.Metadata["configurationKey"] = request.ConfigurationKey.Trim();`
3	`265`	`return payload;`
	`266`	`}`
	`267`	`}`

< Summary

Metrics

File(s)

/home/runner/work/elsa-core/elsa-core/src/modules/Elsa.Secrets/Services/DefaultSecretManager.cs

Methods/Properties