| | | 1 | | namespace Elsa.Secrets.Types; |
| | | 2 | | |
| | | | | /// <summary> |
| | | | | /// Secret type provider for X.509 certificate secrets: publishes the type descriptor and |
| | | | | /// validates create and rotate requests for that type. |
| | | | | /// </summary> |
| | | 3 | | public class X509CertificateSecretTypeProvider : ISecretTypeProvider |
| | | 4 | | { |
| | | | | /// <summary> |
| | | | | /// Descriptor for the X.509 certificate secret type. The final argument lists the Encrypted and |
| | | | | /// Configuration store names. |
| | | | | /// </summary> |
| | | | | // NOTE(review): presumably that list is the set of stores this type may use - confirm against SecretTypeDescriptor. |
| | 64 | 5 | | public SecretTypeDescriptor Descriptor { get; } = new( |
| | 31 | 6 | | SecretTypeNames.X509Certificate, |
| | 31 | 7 | | "X.509 Certificate", |
| | 31 | 8 | | "A certificate reference, such as a thumbprint or configuration-backed certificate identity.", |
| | 31 | 9 | | "secret-x509-certificate", |
| | 31 | 10 | | [SecretStoreNames.Encrypted, SecretStoreNames.Configuration]); |
| | | 11 | | |
| | | | | /// <summary> |
| | | | | /// Validates a create request by forwarding its store name and payload fields to ValidatePayload. |
| | | | | /// </summary> |
| | | | | // NOTE(review): the argument list is cut off in this listing; only request.StoreName is fully visible. |
| | 3 | 12 | | public bool Validate(CreateSecretRequest request, out string? error) => ValidatePayload(request.StoreName, request.V |
| | | 13 | | |
| | | | | /// <summary> |
| | | | | /// Validates a rotation request by delegating to ValidatePayload. |
| | | | | /// </summary> |
| | | | | // NOTE(review): the call's arguments are cut off in this listing; the store name appears to come from the |
| | | | | // storeName parameter rather than from the request - confirm. |
| | 0 | 14 | | public bool ValidateRotation(RotateSecretRequest request, string storeName, out string? error) => ValidatePayload(st |
| | | 15 | | |
| | | | | /// <summary> |
| | | | | /// Shared presence check for certificate secrets. Returns false with a message in error when a |
| | | | | /// required field is blank; otherwise sets error to null and returns true. |
| | | | | /// </summary> |
| | | | | // NOTE(review): the end of this signature is cut off in the listing; the body reads metadata and assigns error. |
| | | | | // Only presence is checked in the visible code: the certificate material in value is not parsed here. |
| | | 16 | | private static bool ValidatePayload(string storeName, string? value, string? configurationKey, IDictionary<string, s |
| | | 17 | | { |
| | | | | // Looks up the "thumbprint" metadata entry; the rest of the condition is cut off in this listing and |
| | | | | // appears to require a non-blank value. |
| | | | | // NOTE(review): metadata is dereferenced without a null check - confirm callers never pass null. |
| | | | | // NOTE(review): no thumbprint format check (length, hex digits) is visible; confirm the value is validated |
| | | | | // where the certificate is actually resolved. |
| | 3 | 18 | | var hasThumbprint = metadata.TryGetValue("thumbprint", out var thumbprint) && !string.IsNullOrWhiteSpace(thumbpr |
| | | | | // Encrypted store: needs either certificate material in value or a thumbprint. |
| | 3 | 19 | | if (storeName == SecretStoreNames.Encrypted && string.IsNullOrWhiteSpace(value) && !hasThumbprint) |
| | | 20 | | { |
| | 1 | 21 | | error = "Certificate material or a thumbprint metadata value is required."; |
| | 1 | 22 | | return false; |
| | | 23 | | } |
| | | 24 | | |
| | | | | // Configuration store: needs a configuration key; value and thumbprint are not examined on this path. |
| | 2 | 25 | | if (storeName == SecretStoreNames.Configuration && string.IsNullOrWhiteSpace(configurationKey)) |
| | | 26 | | { |
| | 1 | 27 | | error = "A configuration key is required for configuration-backed certificate secrets."; |
| | 1 | 28 | | return false; |
| | | 29 | | } |
| | | 30 | | |
| | | | | // NOTE(review): a store name that equals neither constant reaches this point and passes with no checks; |
| | | | | // confirm unsupported stores are rejected before this provider is called. |
| | 1 | 31 | | error = null; |
| | 1 | 32 | | return true; |
| | | 33 | | } |
| | | 34 | | } |