Moved Data Protection configuration into it's own typed Options (#1242)

DFE-Digital · Dec 10, 2024 · a8d65db · a8d65db
1 parent 6890ae1
commit a8d65db
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/Dfe.PrepareConversions/Dfe.PrepareConversions/Configuration/DataProtectionOptions.cs b/Dfe.PrepareConversions/Dfe.PrepareConversions/Configuration/DataProtectionOptions.cs
@@ -0,0 +1,7 @@
+namespace Dfe.PrepareConversions.Configuration;
+
+public class DataProtectionOptions
+{
+   public const string ConfigurationSection = "DataProtection";
+   public string KeyVaultKey { get; init; }
+}
diff --git a/Dfe.PrepareConversions/Dfe.PrepareConversions/Startup.cs b/Dfe.PrepareConversions/Dfe.PrepareConversions/Startup.cs
@@ -95,8 +95,6 @@ public void ConfigureServices(IServiceCollection services)
          options.MaxAge = TimeSpan.FromDays(365);
       });
 
-      services.AddDataProtectionService(Configuration);
-
       services.AddScoped(sp => sp.GetService<IHttpContextAccessor>()?.HttpContext?.Session);
       services.AddSession(options =>
       {
@@ -150,6 +148,9 @@ public void ConfigureServices(IServiceCollection services)
       services.Configure<ServiceLinkOptions>(GetConfigurationSectionFor<ServiceLinkOptions>());
       services.Configure<AzureAdOptions>(GetConfigurationSectionFor<AzureAdOptions>());
       services.Configure<ApplicationInsightsOptions>(GetConfigurationSectionFor<ApplicationInsightsOptions>());
+      services.Configure<DataProtectionOptions>(GetConfigurationSectionFor<DataProtectionOptions>());
+
+      services.AddDataProtectionService(GetTypedConfigurationFor<DataProtectionOptions>());
 
       services.AddScoped<ErrorService>();
       services.AddScoped<IGetEstablishment, EstablishmentService>();

diff --git a/Dfe.PrepareConversions/Dfe.PrepareConversions/Utils/DataProtectionService.cs b/Dfe.PrepareConversions/Dfe.PrepareConversions/Utils/DataProtectionService.cs
@@ -1,5 +1,5 @@
 using Azure.Identity;
-using Microsoft.Extensions.Configuration;
+using Config = Dfe.PrepareConversions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.AspNetCore.DataProtection;
 using System;
@@ -9,16 +9,16 @@ namespace Dfe.PrepareConversions.Utils
 {
    internal static class DataProtectionService
    {
-      public static void AddDataProtectionService(this IServiceCollection services, IConfiguration configuration)
+      public static void AddDataProtectionService(this IServiceCollection services, Config.DataProtectionOptions options)
       {
          var dp = services.AddDataProtection();
-         var dpTargetPath = "@/srv/app/storage";
+         var dpTargetPath = @"/srv/app/storage";
 
          if (Directory.Exists(dpTargetPath)) {
             dp.PersistKeysToFileSystem(new DirectoryInfo(dpTargetPath));
 
             // If a Key Vault Key URI is defined, expect to encrypt the keys.xml
-            string kvProtectionKeyUri = configuration.GetValue<string>("DataProtection:KeyVaultKey");
+            string kvProtectionKeyUri = options.KeyVaultKey;
 
             if (!string.IsNullOrWhiteSpace(kvProtectionKeyUri))
             {