add sample controllers

This commit is contained in:
paragon
2026-05-23 18:07:01 -04:00
parent b05d9bafda
commit 512dabe4dd
4 changed files with 247 additions and 0 deletions
@@ -0,0 +1,89 @@
using TriunniaLabs.Arch.Api.Application.Client;
using TriunniaLabs.Arch.Microservice;
using TriunniaLabs.Memory.Protected;
namespace TriunniaLabs.Arch.Sample.Server
{
/// <summary>
/// A controller that shows how to work the Application Api.
/// </summary>
/// <remarks>
/// Generally, working with the Application Api occurs transparently within your app and you won't need to contact it directly.
/// But if you ever do, here is its functionality.
/// </remarks>
public class ApplicationApiSampleController : ArchControllerBase
{
// Services
private readonly IApplicationClient _applicationClient;
private readonly IApplicationPermissionClient _applicationPermissionClient;
private readonly IApplicationGuardianClient _applcationGuardianClient;
private readonly ICapabilitiesClient _capabilitiesClient;
/// <summary>
/// Constructor.
/// </summary>
/// <param name="microserviceContext">Reference to the microservice context.</param>
/// <param name="applicationClient">Reference to the Application client.</param>
/// <param name="applicationPermissionClient">Reference to the Application Permission client.</param>
/// <param name="applicationGuardianClient">Reference to the Application Guardian client.</param>
/// <param name="capabilitiesClient">Reference to the Capabilities client.</param>
public ApplicationApiSampleController(IMicroserviceContext microserviceContext,
IApplicationClient applicationClient,
IApplicationPermissionClient applicationPermissionClient,
IApplicationGuardianClient applicationGuardianClient,
ICapabilitiesClient capabilitiesClient)
: base(microserviceContext)
{
_applicationClient = applicationClient ?? throw new ArgumentNullException(nameof(applicationClient));
_applicationPermissionClient = applicationPermissionClient ?? throw new ArgumentNullException(nameof(applicationPermissionClient));
_applcationGuardianClient = applicationGuardianClient ?? throw new ArgumentNullException(nameof(applicationGuardianClient));
_capabilitiesClient = capabilitiesClient ?? throw new ArgumentNullException(nameof(capabilitiesClient));
}
/// <summary>
/// A sample method that shows how to work with the Keys Api.
/// </summary>
internal async Task SampleAsync()
{
var apiName = "SampleServer".AsProtected();
// Create a new application
var applicationId = await _applicationClient.CreateApplicationAsync();
// Delete an application
await _applicationClient.DeleteApplicationAsync(applicationId);
// Grant access to the application for the specified microservice/server/whatever
var accessResponse = await _applicationPermissionClient.GrantAccessAsync(applicationId, apiName);
// Validate whether the microservice has access to the application
// If this fails, a 424 Failed Dependency will be issued by Arch middleware
var validated = await _applicationPermissionClient.ValidateAccessAsync(applicationId, apiName, accessResponse.ApiKey);
// Revoke access from the application for the specified microservice
await _applicationPermissionClient.RevokeAccessAsync(applicationId, apiName);
// Sets any special capabilites the application may be using
await _capabilitiesClient.SetCapabilitiesAsync(new Capabilities { HardwareSecurityModule = true });
// Gets the capabilities for the application
var capabilities = await _capabilitiesClient.GetCapabilitiesAsync();
// When using a Hardware Security Module, gets the status of the guardian system
var guardianResponse = await _applcationGuardianClient.GetStatusAsync();
// When using a Hardware Security Module, authorizes startup of the application and retrieves the Bootstrap Key from the HSM.
// Arch will not start unless this call succeeds if using a Hardware Security Module.
var authKeyId = ((ushort)1).AsProtected();
var response = await _applcationGuardianClient.AuthorizeAsync("accessToken".AsProtected(), authKeyId, "password".AsProtected());
// Gets the Bootstrap Key. Used by some encryption algorithms when a Hardware Security Module is supported.
// Values encrypted with the Bootstrap Key cannot be decrypted unless it is successfully retrieved from the HSM.
var bootstrapResponse = await _applcationGuardianClient.GetBootstrapAsync();
Protected<byte[]> bootstrapKey = bootstrapResponse.BootstrapKey; // Encrypted in-memory until actually required
}
}
}
@@ -0,0 +1,58 @@
using TriunniaLabs.Arch.Api.Email.Client;
using TriunniaLabs.Arch.Microservice;
using TriunniaLabs.Memory.Protected;
namespace TriunniaLabs.Arch.Sample.Server
{
/// <summary>
/// A controller that shows how to work the Email Api.
/// </summary>
public class EmailApiSampleController : ArchControllerBase
{
// Services
private readonly IEmailApiClient _emailApiClient;
/// <summary>
/// Constructor.
/// </summary>
/// <param name="microserviceContext">Reference to the microservice context.</param>
/// <param name="emailApiClient">Reference to the Tokens Api client.</param>
public EmailApiSampleController(IMicroserviceContext microserviceContext, IEmailApiClient emailApiClient) : base(microserviceContext)
{
_emailApiClient = emailApiClient ?? throw new ArgumentNullException(nameof(emailApiClient));
}
/// <summary>
/// A sample method that shows how to work with the Email Api.
/// </summary>
internal async Task SampleAsync()
{
var encryptionKey = "SampleEncryptionKey".AsProtected(); // Per-row encryption key for the email address
var emailAddress = "sample@email.address".AsProtected(encryptionKey.GetDecryptedValue()); // Per-row encrypted email address
var ipAddress = IpAddress.AsProtected(); // User's ip address
var verifyToken = Guid.NewGuid().AsProtected(); // A verify token from the verification email
// Create a new email address in the system
var emailId = await _emailApiClient.CreateEmailAddressAsync(emailAddress, encryptionKey);
// Delete the specified email address
await _emailApiClient.DeleteEmailAddressAsync(emailId);
// Check whether the specified email address already exists in the system
var emailExists = _emailApiClient.HasEmailAddressAsync(emailAddress.Hash);
// Get the email address and associated metadata from the Email Api
var emailResponse = await _emailApiClient.GetEmailAddressAsync(emailAddress.Hash, encryptionKey); // Get by hash
emailResponse = await _emailApiClient.GetEmailAddressAsync(emailId, encryptionKey); // Get by Id
// Email verification procedure. This will send an email to the user with the verify token. Record its verification or abuse with the other methods.
await _emailApiClient.InitEmailVerifyAsync(emailId, encryptionKey, ipAddress);
var result = await _emailApiClient.CommitEmailVerifyAsync(verifyToken, ipAddress);
result = await _emailApiClient.ReportAbuseAsync(verifyToken);
// When using Postmark, receive their webhooks and forward to the Email Api with this call.
// The Email Api will take care of ban and bounce handling.
await _emailApiClient.RelayPostmarkWebhookAsync(new PostmarkWebhookRequest { });
}
}
}
@@ -0,0 +1,48 @@
using TriunniaLabs.Arch.Api.Keys.Client;
using TriunniaLabs.Arch.Microservice;
using TriunniaLabs.Memory.Protected;
namespace TriunniaLabs.Arch.Sample.Server
{
/// <summary>
/// A controller that shows how to work the Keys Api.
/// </summary>
public class KeysApiSampleController : ArchControllerBase
{
// Services
private readonly IKeysApiClient _keysApiClient;
/// <summary>
/// Constructor.
/// </summary>
/// <param name="microserviceContext">Reference to the microservice context.</param>
/// <param name="keysApiClient">Reference to the Keys Api client.</param>
public KeysApiSampleController(IMicroserviceContext microserviceContext, IKeysApiClient keysApiClient) : base(microserviceContext)
{
_keysApiClient = keysApiClient ?? throw new ArgumentNullException(nameof(keysApiClient));
}
/// <summary>
/// A sample method that shows how to work with the Keys Api.
/// </summary>
internal async Task SampleAsync()
{
var applicationId = MicroserviceContext.Settings.Application.ApplicationId; // Id of this application
var category = "MySampleCategory".AsProtected(); // Keys are grouped by category
var key = "SampleKey".AsProtected(); // The name of the key
var value = "SampleValue".AsProtected(); // The value stored in the key
// Create a new key/value in the category for the application
await _keysApiClient.CreateKeyAsync(applicationId, category, key, value);
// Update the value stored at the key in the category for the application
await _keysApiClient.UpdateKeyAsync(applicationId, category, key, "UpdatedValue".AsProtected());
// Get the value stored at the key in the category for the application
var updatedValue = await _keysApiClient.GetKeyValueAsync(applicationId, category, key);
// Delete the key/value pair in the category for the application
await _keysApiClient.DeleteKeyAsync(applicationId, category, key);
}
}
}
@@ -0,0 +1,52 @@
using TriunniaLabs.Arch.Api.Tokens.Client;
using TriunniaLabs.Arch.Microservice;
using TriunniaLabs.Memory.Protected;
namespace TriunniaLabs.Arch.Sample.Server
{
/// <summary>
/// A controller that shows how to work the Tokens Api.
/// </summary>
public class TokensApiSampleController : ArchControllerBase
{
// Services
private readonly ITokensApiClient _tokensApiClient;
/// <summary>
/// Constructor.
/// </summary>
/// <param name="microserviceContext">Reference to the microservice context.</param>
/// <param name="tokensApiClient">Reference to the Tokens Api client.</param>
public TokensApiSampleController(IMicroserviceContext microserviceContext, ITokensApiClient tokensApiClient) : base(microserviceContext)
{
_tokensApiClient = tokensApiClient ?? throw new ArgumentNullException(nameof(tokensApiClient));
}
/// <summary>
/// A sample method that shows how to work with the Tokens Api.
/// </summary>
internal async Task SampleAsync()
{
var ownerId = Guid.NewGuid().ToString().AsProtected(); // Who owns the token. Can be UserId or something else.
var ownerType = 1.AsProtected(); // Type of owner. Developer-specified field.
var ownerIpAddress = IpAddress.AsProtected(); // Ip address of the owner of the token.
var tokenType = 1.AsProtected(); // The type of token this is. Developer-specified field.
var minutes = 15.AsProtected(); // How long the token is valid in the system before it expires.
// Create a new token of the specified type for the owner
var tokenId = await _tokensApiClient.CreateTokenAsync(ownerId, ownerType, ownerIpAddress, tokenType, minutes);
// Get token by Id and type
var token = await _tokensApiClient.GetTokenAsync(tokenId, tokenType);
// Get token by Id, type, and Ip address
token = await _tokensApiClient.GetTokenAsync(tokenId, tokenType, ownerIpAddress);
// Get token by owner
token = await _tokensApiClient.GetTokenAsync(ownerId, ownerType, tokenType);
// Delete the specified token
await _tokensApiClient.DeleteTokenAsync(tokenId, tokenType);
}
}
}