From e448300391e7416ec7c32dafab9256e7cae42abc Mon Sep 17 00:00:00 2001 From: KodrAus Date: Fri, 1 Mar 2024 10:42:04 +1000 Subject: [PATCH 1/2] remove forwarder data protection in favor of seqcli --- .../Cli/Commands/Profile/CreateCommand.cs | 4 +- src/SeqCli/Config/ConnectionConfig.cs | 51 ++++++++----------- src/SeqCli/Config/SeqCliConfig.cs | 2 +- .../Config/SeqCliEncryptionProviderConfig.cs | 16 ++++++ src/SeqCli/Connection/SeqConnectionFactory.cs | 5 +- ...Encryption.cs => ExternalDataProtector.cs} | 4 +- .../{IEncryption.cs => IDataProtector.cs} | 2 +- ...ncryption.cs => PlaintextDataProtector.cs} | 2 +- ...ption.cs => WindowsNativeDataProtector.cs} | 2 +- .../DpapiMachineScopeDataProtection.cs | 49 ------------------ .../Cryptography/IStringDataProtector.cs | 7 --- .../Cryptography/StringDataProtector.cs | 15 ------ .../Cryptography/UnprotectedStringData.cs | 21 -------- .../Multiplexing/ActiveLogBufferMap.cs | 17 ++++--- .../Multiplexing/ActiveLogBufferMapTests.cs | 4 +- 15 files changed, 61 insertions(+), 140 deletions(-) rename src/SeqCli/Encryptor/{ExternalEncryption.cs => ExternalDataProtector.cs} (96%) rename src/SeqCli/Encryptor/{IEncryption.cs => IDataProtector.cs} (79%) rename src/SeqCli/Encryptor/{PlaintextEncryption.cs => PlaintextDataProtector.cs} (81%) rename src/SeqCli/Encryptor/{WindowsNativeEncryption.cs => WindowsNativeDataProtector.cs} (94%) delete mode 100644 src/SeqCli/Forwarder/Cryptography/DpapiMachineScopeDataProtection.cs delete mode 100644 src/SeqCli/Forwarder/Cryptography/IStringDataProtector.cs delete mode 100644 src/SeqCli/Forwarder/Cryptography/StringDataProtector.cs delete mode 100644 src/SeqCli/Forwarder/Cryptography/UnprotectedStringData.cs diff --git a/src/SeqCli/Cli/Commands/Profile/CreateCommand.cs b/src/SeqCli/Cli/Commands/Profile/CreateCommand.cs index d6769739..866ee9f7 100644 --- a/src/SeqCli/Cli/Commands/Profile/CreateCommand.cs +++ b/src/SeqCli/Cli/Commands/Profile/CreateCommand.cs 
@@ -49,7 +49,9 @@ int RunSync() try { var config = SeqCliConfig.Read(); - config.Profiles[_name] = new ConnectionConfig { ServerUrl = _url, ApiKey = _apiKey }; + var connectionConfig = new ConnectionConfig { ServerUrl = _url }; + connectionConfig.EncodeApiKey(_apiKey, config.Encryption.DataProtector()); + config.Profiles[_name] = connectionConfig; SeqCliConfig.Write(config); return 0; } diff --git a/src/SeqCli/Config/ConnectionConfig.cs b/src/SeqCli/Config/ConnectionConfig.cs index 821b6ad6..d2f31289 100644 --- a/src/SeqCli/Config/ConnectionConfig.cs +++ b/src/SeqCli/Config/ConnectionConfig.cs @@ -13,8 +13,9 @@ // limitations under the License. using System; +using System.Text; using Newtonsoft.Json; -using SeqCli.Forwarder.Cryptography; +using SeqCli.Encryptor; using SeqCli.Util; namespace SeqCli.Config; 
@@ -23,47 +24,37 @@ public class ConnectionConfig { const string ProtectedDataPrefix = "pd."; + static readonly Encoding ProtectedDataEncoding = new UTF8Encoding(false); + public string ServerUrl { get; set; } = "http://localhost:5341"; [JsonProperty("apiKey")] public string? EncodedApiKey { get; set; } - [JsonIgnore] - public string? ApiKey + public string? DecodeApiKey(IDataProtector dataProtector) { - get - { - if (string.IsNullOrWhiteSpace(EncodedApiKey)) - return null; - - if (!OperatingSystem.IsWindows()) - return EncodedApiKey; + if (string.IsNullOrWhiteSpace(EncodedApiKey)) + return null; + + if (!EncodedApiKey.StartsWith(ProtectedDataPrefix)) + return EncodedApiKey; - if (!EncodedApiKey.StartsWith(ProtectedDataPrefix)) - return EncodedApiKey; + return ProtectedDataEncoding.GetString(dataProtector.Decrypt(Convert.FromBase64String(EncodedApiKey[ProtectedDataPrefix.Length..]))); + } - return UserScopeDataProtection.Unprotect(EncodedApiKey.Substring(ProtectedDataPrefix.Length)); - } - set + public void EncodeApiKey(string? apiKey, IDataProtector dataProtector) + { + if (apiKey == null) { - if (string.IsNullOrWhiteSpace(value)) - { - EncodedApiKey = null; - return; - } - - if (OperatingSystem.IsWindows()) - EncodedApiKey = $"{ProtectedDataPrefix}{UserScopeDataProtection.Protect(value)}"; - else - EncodedApiKey = value; + EncodedApiKey = null; + return; } - } - public string? GetApiKey(IStringDataProtector dataProtector) - { - throw new NotImplementedException(); + var encoded = dataProtector.Encrypt(ProtectedDataEncoding.GetBytes(apiKey)); + + EncodedApiKey = $"{ProtectedDataPrefix}{Convert.ToBase64String(encoded)}"; } - + public uint? PooledConnectionLifetimeMilliseconds { get; set; } = null; public ulong EventBodyLimitBytes { get; set; } = 256 * 1024; public ulong PayloadLimitBytes { get; set; } = 10 * 1024 * 1024; diff --git a/src/SeqCli/Config/SeqCliConfig.cs b/src/SeqCli/Config/SeqCliConfig.cs index 88ac1b08..752476b4 100644 
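Review bot: `EncodeApiKey` in ConnectionConfig.cs treats only `null` as "no key", where the removed setter used `string.IsNullOrWhiteSpace(value)`, so an empty or blank key coming from `CreateCommand` is now encrypted and stored as a `pd.`-prefixed value instead of clearing `EncodedApiKey`. Restoring the old guard, `if (string.IsNullOrWhiteSpace(apiKey)) { EncodedApiKey = null; return; }`, keeps it symmetric with the check at the top of `DecodeApiKey`. The prefix test in `DecodeApiKey` is culture-sensitive; a fixed marker should be matched with `EncodedApiKey.StartsWith(ProtectedDataPrefix, StringComparison.Ordinal)`. The `pd.` prefix is also written whichever protector is passed in, so when the plaintext protector is selected the prefix presumably no longer means the stored value is encrypted, which is worth a comment on `ProtectedDataPrefix`.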
--- a/src/SeqCli/Config/SeqCliConfig.cs +++ b/src/SeqCli/Config/SeqCliConfig.cs @@ -57,7 +57,7 @@ public static void Write(SeqCliConfig data) public ConnectionConfig Connection { get; set; } = new(); public OutputConfig Output { get; set; } = new(); public ForwarderConfig Forwarder { get; set; } = new(); - public SeqCliEncryptionProviderConfig EncryptionProviderProvider { get; set; } = new SeqCliEncryptionProviderConfig(); + public SeqCliEncryptionProviderConfig Encryption { get; set; } = new SeqCliEncryptionProviderConfig(); public Dictionary Profiles { get; } = new(StringComparer.OrdinalIgnoreCase); } \ No newline at end of file diff --git a/src/SeqCli/Config/SeqCliEncryptionProviderConfig.cs b/src/SeqCli/Config/SeqCliEncryptionProviderConfig.cs index c7818e18..d94750aa 100644 --- a/src/SeqCli/Config/SeqCliEncryptionProviderConfig.cs +++ b/src/SeqCli/Config/SeqCliEncryptionProviderConfig.cs @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +using SeqCli.Encryptor; + namespace SeqCli.Config; public class SeqCliEncryptionProviderConfig @@ -21,4 +23,18 @@ public class SeqCliEncryptionProviderConfig public string? Decryptor { get; set; } public string? DecryptorArgs { get; set; } + + public IDataProtector DataProtector() + { +#if WINDOWS + return new WindowsNativeDataProtector(); +#else + if (!string.IsNullOrWhiteSpace(Encryptor) && !string.IsNullOrWhiteSpace(Decryptor)) + { + return new ExternalDataProtector(this); + } + + return new PlaintextDataProtector(); +#endif + } } \ No newline at end of file diff --git a/src/SeqCli/Connection/SeqConnectionFactory.cs b/src/SeqCli/Connection/SeqConnectionFactory.cs index 08ef3cfb..05a82d73 100644 --- a/src/SeqCli/Connection/SeqConnectionFactory.cs +++ b/src/SeqCli/Connection/SeqConnectionFactory.cs @@ -16,6 +16,7 @@ using Seq.Api; using SeqCli.Cli.Features; using SeqCli.Config; +using SeqCli.Encryptor; namespace SeqCli.Connection; 
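Review bot: On non-Windows builds `DataProtector()` in SeqCliEncryptionProviderConfig.cs returns `PlaintextDataProtector` whenever either `Encryptor` or `Decryptor` is blank, so a half-configured provider silently downgrades API-key storage to plaintext. I would fail closed when exactly one of the two is set, as in the excerpt below. The same commit deletes `UnprotectedStringData`, whose `Protect` logged a warning that sensitive values would be stored in plain text; the body of `PlaintextDataProtector` is not part of this patch, so confirm that an equivalent warning still exists there. Under `WINDOWS` a configured external encryptor is ignored entirely, which deserves a comment if that is intended.

```csharp
    public IDataProtector DataProtector()
    {
        // … unchanged: #if WINDOWS branch returning WindowsNativeDataProtector …
        var hasEncryptor = !string.IsNullOrWhiteSpace(Encryptor);
        var hasDecryptor = !string.IsNullOrWhiteSpace(Decryptor);

        // Fail closed: a half-configured provider must not fall through to plaintext storage.
        if (hasEncryptor != hasDecryptor)
            throw new InvalidOperationException("Both an encryptor and a decryptor must be configured.");

        if (hasEncryptor)
            return new ExternalDataProtector(this);

        return new PlaintextDataProtector();
```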
@@ -50,12 +51,12 @@ public SeqConnection Connect(ConnectionFeature connection) throw new ArgumentException($"A profile named `{connection.ProfileName}` was not found; see `seqcli profile list` for available profiles."); url = profile.ServerUrl; - apiKey = profile.ApiKey; + apiKey = profile.DecodeApiKey(_config.Encryption.DataProtector()); } else { url = _config.Connection.ServerUrl; - apiKey = connection.IsApiKeySpecified ? connection.ApiKey : _config.Connection.ApiKey; + apiKey = connection.IsApiKeySpecified ? connection.ApiKey : _config.Connection.DecodeApiKey(_config.Encryption.DataProtector()); } return (url, apiKey); diff --git a/src/SeqCli/Encryptor/ExternalEncryption.cs b/src/SeqCli/Encryptor/ExternalDataProtector.cs similarity index 96% rename from src/SeqCli/Encryptor/ExternalEncryption.cs rename to src/SeqCli/Encryptor/ExternalDataProtector.cs index b9db753f..3444b37b 100644 --- a/src/SeqCli/Encryptor/ExternalEncryption.cs +++ b/src/SeqCli/Encryptor/ExternalDataProtector.cs @@ -7,9 +7,9 @@ namespace SeqCli.Encryptor; -public class ExternalEncryption : IEncryption +public class ExternalDataProtector : IDataProtector { - public ExternalEncryption(SeqCliEncryptionProviderConfig providerConfig) + public ExternalDataProtector(SeqCliEncryptionProviderConfig providerConfig) { _encryptor = providerConfig.Encryptor!; _encryptorArgs = providerConfig.EncryptorArgs; diff --git a/src/SeqCli/Encryptor/IEncryption.cs b/src/SeqCli/Encryptor/IDataProtector.cs similarity index 79% rename from src/SeqCli/Encryptor/IEncryption.cs rename to src/SeqCli/Encryptor/IDataProtector.cs index 0294fa82..06db6d34 100644 --- a/src/SeqCli/Encryptor/IEncryption.cs +++ b/src/SeqCli/Encryptor/IDataProtector.cs @@ -1,6 +1,6 @@ namespace SeqCli.Encryptor; -public interface IEncryption +public interface IDataProtector { public byte[] Encrypt(byte[] unencrypted); public byte[] Decrypt(byte[] encrypted); 
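Review bot: Both `DecodeApiKey(_config.Encryption.DataProtector())` calls in SeqConnectionFactory.cs can now throw, and nothing in this hunk handles it: `DecodeApiKey` runs `Convert.FromBase64String` and `dataProtector.Decrypt` on whatever follows the `pd.` prefix in the config file. A value written by the previous `UserScopeDataProtection.Protect` path, or a config edited by hand, would presumably surface as a raw `FormatException` or decryption error instead of a usable message. Consider catching at this call site and rethrowing with text that names the profile (or the default connection) and the remedy, without echoing the stored value. The enclosing method starts and ends outside the hunk.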
diff --git a/src/SeqCli/Encryptor/PlaintextEncryption.cs b/src/SeqCli/Encryptor/PlaintextDataProtector.cs similarity index 81% rename from src/SeqCli/Encryptor/PlaintextEncryption.cs rename to src/SeqCli/Encryptor/PlaintextDataProtector.cs index 53a8df3e..e464002d 100644 --- a/src/SeqCli/Encryptor/PlaintextEncryption.cs +++ b/src/SeqCli/Encryptor/PlaintextDataProtector.cs @@ -1,6 +1,6 @@ namespace SeqCli.Encryptor; -class PlaintextEncryption : IEncryption +class PlaintextDataProtector : IDataProtector { public byte[] Encrypt(byte[] unencrypted) { diff --git a/src/SeqCli/Encryptor/WindowsNativeEncryption.cs b/src/SeqCli/Encryptor/WindowsNativeDataProtector.cs similarity index 94% rename from src/SeqCli/Encryptor/WindowsNativeEncryption.cs rename to src/SeqCli/Encryptor/WindowsNativeDataProtector.cs index 323a82df..203d0f20 100644 --- a/src/SeqCli/Encryptor/WindowsNativeEncryption.cs +++ b/src/SeqCli/Encryptor/WindowsNativeDataProtector.cs @@ -5,7 +5,7 @@ namespace SeqCli.Encryptor; -public class WindowsNativeEncryption : IEncryption +public class WindowsNativeDataProtector : IDataProtector { public byte[] Encrypt(byte[] unencrypted) { diff --git a/src/SeqCli/Forwarder/Cryptography/DpapiMachineScopeDataProtection.cs b/src/SeqCli/Forwarder/Cryptography/DpapiMachineScopeDataProtection.cs deleted file mode 100644 index 2eb74421..00000000 --- a/src/SeqCli/Forwarder/Cryptography/DpapiMachineScopeDataProtection.cs +++ /dev/null 
@@ -1,49 +0,0 @@ -// Copyright © Datalust Pty Ltd and Contributors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#if WINDOWS - -using System; -using System.Diagnostics.CodeAnalysis; -using System.Security.Cryptography; -using System.Text; -using SeqCli.Forwarder.Cryptography; - -namespace Seq.Forwarder.Cryptography -{ - [SuppressMessage("Interoperability", "CA1416:Validate platform compatibility")] - class DpapiMachineScopeDataProtect : IStringDataProtector - { - public string Unprotect(string @protected) - { - var parts = @protected.Split(new[] { '$' }, StringSplitOptions.RemoveEmptyEntries); - if (parts.Length != 2) - throw new InvalidOperationException("Encoded data format is invalid."); - - var bytes = Convert.FromBase64String(parts[0]); - var salt = Convert.FromBase64String(parts[1]); - var decoded = ProtectedData.Unprotect(bytes, salt, DataProtectionScope.LocalMachine); - return Encoding.UTF8.GetString(decoded); - } - - public string Protect(string value) - { - var salt = RandomNumberGenerator.GetBytes(16); - var bytes = ProtectedData.Protect(Encoding.UTF8.GetBytes(value), salt, DataProtectionScope.LocalMachine); - return $"{Convert.ToBase64String(bytes)}${Convert.ToBase64String(salt)}"; - } - } -} - -#endif diff --git a/src/SeqCli/Forwarder/Cryptography/IStringDataProtector.cs b/src/SeqCli/Forwarder/Cryptography/IStringDataProtector.cs deleted file mode 100644 index cdc930c1..00000000 
--- a/src/SeqCli/Forwarder/Cryptography/IStringDataProtector.cs +++ /dev/null @@ -1,7 +0,0 @@ -namespace SeqCli.Forwarder.Cryptography; - -public interface IStringDataProtector -{ - string Protect(string value); - string Unprotect(string @protected); -} \ No newline at end of file diff --git a/src/SeqCli/Forwarder/Cryptography/StringDataProtector.cs b/src/SeqCli/Forwarder/Cryptography/StringDataProtector.cs deleted file mode 100644 index 97c46021..00000000 --- a/src/SeqCli/Forwarder/Cryptography/StringDataProtector.cs +++ /dev/null @@ -1,15 +0,0 @@ -using Seq.Forwarder.Cryptography; - -namespace SeqCli.Forwarder.Cryptography; - -static class StringDataProtector -{ - public static IStringDataProtector CreatePlatformDefault() - { -#if WINDOWS - return new DpapiMachineScopeDataProtect(); -#else - return new UnprotectedStringData(); -#endif - } -} \ No newline at end of file diff --git a/src/SeqCli/Forwarder/Cryptography/UnprotectedStringData.cs b/src/SeqCli/Forwarder/Cryptography/UnprotectedStringData.cs deleted file mode 100644 index 6148081e..00000000 --- a/src/SeqCli/Forwarder/Cryptography/UnprotectedStringData.cs +++ /dev/null @@ -1,21 +0,0 @@ -#if !WINDOWS - -using Serilog; - -namespace SeqCli.Forwarder.Cryptography; - -public class UnprotectedStringData : IStringDataProtector -{ - public string Protect(string value) - { - Log.Warning("Data protection is not available on this platform; sensitive values will be stored in plain text"); - return value; - } - - public string Unprotect(string @protected) - { - return @protected; - } -} - -#endif diff --git a/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs b/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs index bcd09c65..a18ff2ac 100644 --- a/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs +++ b/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs 
@@ -16,9 +16,10 @@ using System.Collections.Generic; using System.IO; using System.Net; +using System.Text; using SeqCli.Config; using SeqCli.Config.Forwarder; -using SeqCli.Forwarder.Cryptography; +using SeqCli.Encryptor; using SeqCli.Forwarder.Storage; using SeqCli.Forwarder.Web; using Serilog; @@ -29,10 +30,12 @@ public class ActiveLogBufferMap : IDisposable { const string DataFileName = "data.mdb", LockFileName = "lock.mdb", ApiKeyFileName = ".apikey"; + static Encoding ApiKeyEncoding = new UTF8Encoding(false); + readonly ulong _bufferSizeBytes; readonly ConnectionConfig _connectionConfig; readonly ILogShipperFactory _shipperFactory; - readonly IStringDataProtector _dataProtector; + readonly IDataProtector _dataProtector; readonly string _bufferPath; readonly ILogger _log = Log.ForContext(); @@ -46,7 +49,7 @@ public ActiveLogBufferMap( ForwarderStorageConfig storageConfig, ConnectionConfig outputConfig, ILogShipperFactory logShipperFactory, - IStringDataProtector dataProtector) + IDataProtector dataProtector) { _bufferSizeBytes = storageConfig.BufferSizeBytes; _connectionConfig = outputConfig ?? throw new ArgumentNullException(nameof(outputConfig)); @@ -86,7 +89,7 @@ public void Load() } else { - _noApiKeyLogBuffer = new ActiveLogBuffer(buffer, _shipperFactory.Create(buffer, _connectionConfig.GetApiKey(_dataProtector))); + _noApiKeyLogBuffer = new ActiveLogBuffer(buffer, _shipperFactory.Create(buffer, _connectionConfig.DecodeApiKey(_dataProtector))); } } @@ -100,7 +103,7 @@ public void Load() } _log.Information("Loading an API-key specific buffer in {Path}", subfolder); - var apiKey = _dataProtector.Unprotect(File.ReadAllText(encodedApiKeyFilePath)); + var apiKey = ApiKeyEncoding.GetString(_dataProtector.Decrypt(File.ReadAllBytes(encodedApiKeyFilePath))); var buffer = new LogBuffer(subfolder, _bufferSizeBytes); if (buffer.Peek(0).Length == 0) 
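Review bot: In `Load` (ActiveLogBufferMap.cs), `_dataProtector.Decrypt(File.ReadAllBytes(encodedApiKeyFilePath))` is unguarded in the visible lines, so a single `.apikey` file that cannot be decrypted would throw out of `Load`, whether it is truncated, was written by a different protector, or is in the text format the removed `File.WriteAllText` call produced. I would wrap the decrypt, log `subfolder` (never the file contents) at error level, and decide explicitly whether to skip that buffer or abort startup. The removed `DpapiMachineScopeDataProtect` used `DataProtectionScope.LocalMachine`; the scope used by `WindowsNativeDataProtector` is not visible in this patch, and it matters if the forwarder runs under a different account from the one that wrote the files. `Load` continues outside the hunk.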
@@ -159,7 +162,7 @@ public LogBuffer GetLogBuffer(string? apiKey) { _log.Information("Creating a new default log buffer in {Path}", _bufferPath); var buffer = new LogBuffer(_bufferPath, _bufferSizeBytes); - _noApiKeyLogBuffer = new ActiveLogBuffer(buffer, _shipperFactory.Create(buffer, _connectionConfig.GetApiKey(_dataProtector))); + _noApiKeyLogBuffer = new ActiveLogBuffer(buffer, _shipperFactory.Create(buffer, _connectionConfig.DecodeApiKey(_dataProtector))); _noApiKeyLogBuffer.Shipper.Start(); } return _noApiKeyLogBuffer.Buffer; @@ -171,7 +174,7 @@ public LogBuffer GetLogBuffer(string? apiKey) var subfolder = Path.Combine(_bufferPath, Guid.NewGuid().ToString("n")); _log.Information("Creating a new API key-specific log buffer in {Path}", subfolder); Directory.CreateDirectory(subfolder); - File.WriteAllText(Path.Combine(subfolder, ".apikey"), _dataProtector.Protect(apiKey)); + File.WriteAllBytes(Path.Combine(subfolder, ".apikey"), _dataProtector.Encrypt(ApiKeyEncoding.GetBytes(apiKey))); var newBuffer = new LogBuffer(subfolder, _bufferSizeBytes); var newActiveBuffer = new ActiveLogBuffer(newBuffer, _shipperFactory.Create(newBuffer, apiKey)); _buffersByApiKey.Add(apiKey, newActiveBuffer); diff --git a/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs b/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs index 11db09d1..6634f929 100644 --- a/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs +++ b/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs @@ -1,7 +1,7 @@ using System.IO; using System.Linq; using SeqCli.Config; -using SeqCli.Forwarder.Cryptography; +using SeqCli.Encryptor; using SeqCli.Forwarder.Multiplexing; using SeqCli.Tests.Support; using Xunit; 
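Review bot: The new `File.WriteAllBytes(Path.Combine(subfolder, ".apikey"), …)` line in `GetLogBuffer` writes whatever `Encrypt` returns, and on non-Windows builds without an external encryptor the protector is `PlaintextDataProtector`, so the API key presumably lands on disk in the clear with default file permissions. Restricting the file to its owner after writing, for example `if (!OperatingSystem.IsWindows()) File.SetUnixFileMode(apiKeyPath, UnixFileMode.UserRead | UnixFileMode.UserWrite);` (available from .NET 7, if the target framework allows), limits who can read it. The line also repeats the literal `".apikey"` although the class declares `ApiKeyFileName`; `Path.Combine(subfolder, ApiKeyFileName)` keeps the writer tied to the constant.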
@@ -74,7 +74,7 @@ public void EntriesSurviveReloads() static ActiveLogBufferMap CreateActiveLogBufferMap(TempFolder tmp) { var config = new SeqCliConfig(); - var map = new ActiveLogBufferMap(tmp.Path, config.Forwarder.Storage, config.Connection, new InertLogShipperFactory(), StringDataProtector.CreatePlatformDefault()); + var map = new ActiveLogBufferMap(tmp.Path, config.Forwarder.Storage, config.Connection, new InertLogShipperFactory(), new PlaintextDataProtector()); map.Load(); return map; } From d670753abdbed574987f76b0f6db47be1e2852fa Mon Sep 17 00:00:00 2001 From: KodrAus Date: Fri, 1 Mar 2024 11:00:27 +1000 Subject: [PATCH 2/2] get forwarder run command executing --- src/SeqCli/Forwarder/ForwarderModule.cs | 15 +++++---------- .../Multiplexing/ActiveLogBufferMap.cs | 18 ++++++++---------- .../Multiplexing/HttpLogShipperFactory.cs | 6 ++++-- .../Forwarder/Web/Api/IngestionController.cs | 2 +- src/SeqCli/SeqCliModule.cs | 2 ++ .../Multiplexing/ActiveLogBufferMapTests.cs | 3 +-- 6 files changed, 21 insertions(+), 25 deletions(-) diff --git a/src/SeqCli/Forwarder/ForwarderModule.cs b/src/SeqCli/Forwarder/ForwarderModule.cs index 2a5005ab..019afd4f 100644 --- a/src/SeqCli/Forwarder/ForwarderModule.cs +++ b/src/SeqCli/Forwarder/ForwarderModule.cs @@ -17,7 +17,7 @@ using System.Threading; using Autofac; using SeqCli.Config; -using SeqCli.Forwarder.Cryptography; +using SeqCli.Encryptor; using SeqCli.Forwarder.Multiplexing; using SeqCli.Forwarder.Web.Host; @@ -46,8 +46,8 @@ protected override void Load(ContainerBuilder builder) builder.Register(c => { - var outputConfig = c.Resolve(); - var baseUri = outputConfig.ServerUrl; + var config = c.Resolve(); + var baseUri = config.Connection.ServerUrl; if (string.IsNullOrWhiteSpace(baseUri)) throw new ArgumentException("The destination Seq server URL must be configured in SeqForwarder.json."); 
@@ -58,13 +58,13 @@ protected override void Load(ContainerBuilder builder) // this expression, using an "or" operator. var hasSocketHandlerOption = - outputConfig.PooledConnectionLifetimeMilliseconds.HasValue; + config.Connection.PooledConnectionLifetimeMilliseconds.HasValue; if (hasSocketHandlerOption) { var httpMessageHandler = new SocketsHttpHandler { - PooledConnectionLifetime = outputConfig.PooledConnectionLifetimeMilliseconds.HasValue ? TimeSpan.FromMilliseconds(outputConfig.PooledConnectionLifetimeMilliseconds.Value) : Timeout.InfiniteTimeSpan, + PooledConnectionLifetime = config.Connection.PooledConnectionLifetimeMilliseconds.HasValue ? TimeSpan.FromMilliseconds(config.Connection.PooledConnectionLifetimeMilliseconds.Value) : Timeout.InfiniteTimeSpan, }; return new HttpClient(httpMessageHandler) { BaseAddress = new Uri(baseUri) }; @@ -74,11 +74,6 @@ protected override void Load(ContainerBuilder builder) }).SingleInstance(); - builder.RegisterInstance(StringDataProtector.CreatePlatformDefault()); - builder.RegisterInstance(_config); - builder.RegisterInstance(_config.Forwarder.Api); - builder.RegisterInstance(_config.Forwarder.Diagnostics); - builder.RegisterInstance(_config.Forwarder.Storage); } } \ No newline at end of file diff --git a/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs b/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs index a18ff2ac..92f96f2b 100644 --- a/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs +++ b/src/SeqCli/Forwarder/Multiplexing/ActiveLogBufferMap.cs @@ -18,7 +18,6 @@ using System.Net; using System.Text; using SeqCli.Config; -using SeqCli.Config.Forwarder; using SeqCli.Encryptor; using SeqCli.Forwarder.Storage; using SeqCli.Forwarder.Web; 
@@ -26,11 +25,11 @@ namespace SeqCli.Forwarder.Multiplexing; -public class ActiveLogBufferMap : IDisposable +class ActiveLogBufferMap : IDisposable { const string DataFileName = "data.mdb", LockFileName = "lock.mdb", ApiKeyFileName = ".apikey"; - static Encoding ApiKeyEncoding = new UTF8Encoding(false); + static readonly Encoding ApiKeyEncoding = new UTF8Encoding(false); readonly ulong _bufferSizeBytes; readonly ConnectionConfig _connectionConfig; @@ -46,15 +45,14 @@ public class ActiveLogBufferMap : IDisposable public ActiveLogBufferMap( string bufferPath, - ForwarderStorageConfig storageConfig, - ConnectionConfig outputConfig, - ILogShipperFactory logShipperFactory, - IDataProtector dataProtector) + SeqCliConfig config, + ILogShipperFactory logShipperFactory) { - _bufferSizeBytes = storageConfig.BufferSizeBytes; - _connectionConfig = outputConfig ?? throw new ArgumentNullException(nameof(outputConfig)); + ArgumentNullException.ThrowIfNull(config, nameof(config)); + _bufferSizeBytes = config.Forwarder.Storage.BufferSizeBytes; + _connectionConfig = config.Connection; _shipperFactory = logShipperFactory ?? throw new ArgumentNullException(nameof(logShipperFactory)); - _dataProtector = dataProtector ?? throw new ArgumentNullException(nameof(dataProtector)); + _dataProtector = config.Encryption.DataProtector(); _bufferPath = bufferPath ?? throw new ArgumentNullException(nameof(bufferPath)); } diff --git a/src/SeqCli/Forwarder/Multiplexing/HttpLogShipperFactory.cs b/src/SeqCli/Forwarder/Multiplexing/HttpLogShipperFactory.cs index 7c95215d..3101421a 100644 --- a/src/SeqCli/Forwarder/Multiplexing/HttpLogShipperFactory.cs +++ b/src/SeqCli/Forwarder/Multiplexing/HttpLogShipperFactory.cs 
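Review bot: The `ActiveLogBufferMap` constructor now builds its own protector with `config.Encryption.DataProtector()` instead of receiving an `IDataProtector`, so callers can no longer choose it. The test helper in ActiveLogBufferMapTests.cs, which passed `new PlaintextDataProtector()` after the first patch, now gets whatever the build selects (`WindowsNativeDataProtector` under `WINDOWS`), and the protector registration this series adds in SeqCliModule.cs is bypassed by this class. I would keep the `IDataProtector` parameter and let the module supply it, so the protection mechanism is chosen in one place. Minor: `ArgumentNullException.ThrowIfNull(config, nameof(config))` can be written `ArgumentNullException.ThrowIfNull(config);`, here and in `HttpLogShipperFactory`.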
@@ -26,11 +26,13 @@ class HttpLogShipperFactory : ILogShipperFactory readonly ServerResponseProxy _serverResponseProxy; readonly ConnectionConfig _outputConfig; - public HttpLogShipperFactory(ServerResponseProxy serverResponseProxy, ConnectionConfig outputConfig, HttpClient outputHttpClient) + public HttpLogShipperFactory(SeqCliConfig config, ServerResponseProxy serverResponseProxy, HttpClient outputHttpClient) { + ArgumentNullException.ThrowIfNull(config, nameof(config)); + _outputHttpClient = outputHttpClient; _serverResponseProxy = serverResponseProxy ?? throw new ArgumentNullException(nameof(serverResponseProxy)); - _outputConfig = outputConfig ?? throw new ArgumentNullException(nameof(outputConfig)); + _outputConfig = config.Connection; } public LogShipper Create(LogBuffer logBuffer, string? apiKey) diff --git a/src/SeqCli/Forwarder/Web/Api/IngestionController.cs b/src/SeqCli/Forwarder/Web/Api/IngestionController.cs index 047a8898..6510df77 100644 --- a/src/SeqCli/Forwarder/Web/Api/IngestionController.cs +++ b/src/SeqCli/Forwarder/Web/Api/IngestionController.cs @@ -32,7 +32,7 @@ namespace SeqCli.Forwarder.Web.Api; -public class IngestionController : Controller +class IngestionController : Controller { static readonly Encoding Encoding = new UTF8Encoding(false); const string ClefMediaType = "application/vnd.serilog.clef"; diff --git a/src/SeqCli/SeqCliModule.cs b/src/SeqCli/SeqCliModule.cs index 009d5172..658153bc 100644 --- a/src/SeqCli/SeqCliModule.cs +++ b/src/SeqCli/SeqCliModule.cs @@ -17,6 +17,7 @@ using SeqCli.Cli; using SeqCli.Config; using SeqCli.Connection; +using SeqCli.Encryptor; namespace SeqCli; @@ -32,5 +33,6 @@ protected override void Load(ContainerBuilder builder) builder.Register(c => SeqCliConfig.Read()).SingleInstance(); builder.Register(c => c.Resolve().Connection).SingleInstance(); builder.Register(c => c.Resolve().Output).SingleInstance(); + builder.Register(c => c.Resolve().Encryption.DataProtector()).As(); } } \ No newline at end of file 
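Review bot: `IngestionController` in IngestionController.cs changes from `public class` to an internal `class`, which can silently unmap the ingestion endpoint. If `Controller` is the ASP.NET Core MVC base type and the host relies on default controller discovery, only public types are treated as controllers, so requests to these routes would return 404 instead of being buffered. How the forwarder host registers controllers is not visible in this patch; confirm it, or keep `public class IngestionController : Controller` with a comment explaining why the type must stay public.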
diff --git a/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs b/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs index 6634f929..a4ca2484 100644 --- a/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs +++ b/test/SeqCli.Tests/Forwarder/Multiplexing/ActiveLogBufferMapTests.cs @@ -1,7 +1,6 @@ using System.IO; using System.Linq; using SeqCli.Config; -using SeqCli.Encryptor; using SeqCli.Forwarder.Multiplexing; using SeqCli.Tests.Support; using Xunit; @@ -74,7 +73,7 @@ public void EntriesSurviveReloads() static ActiveLogBufferMap CreateActiveLogBufferMap(TempFolder tmp) { var config = new SeqCliConfig(); - var map = new ActiveLogBufferMap(tmp.Path, config.Forwarder.Storage, config.Connection, new InertLogShipperFactory(), new PlaintextDataProtector()); + var map = new ActiveLogBufferMap(tmp.Path, config, new InertLogShipperFactory()); map.Load(); return map; }