eelke
07393f57fc
Added the use of DEK's for encryption of secrets. Both the KEK's and DEK's are stored in a way that you can have multiple key of which one is active. But the others are still available for decrypting. This allows for implementing key rotation. Co-authored-by: eelke <eelke@eelkeklein.nl> Co-authored-by: Eelke76 <31384324+Eelke76@users.noreply.github.com> Reviewed-on: #6
26 lines
No EOL
620 B
C#
26 lines
No EOL
620 B
C#
using IdentityShroud.Core.Contracts;
|
|
using IdentityShroud.Core.Model;
|
|
using Microsoft.AspNetCore.Http;
|
|
|
|
namespace IdentityShroud.Core.Services;
|
|
|
|
public class RealmContext(
|
|
IHttpContextAccessor accessor,
|
|
IRealmService realmService) : IRealmContext
|
|
{
|
|
public Realm GetRealm()
|
|
{
|
|
return (Realm)accessor.HttpContext.Items["RealmEntity"];
|
|
}
|
|
|
|
public async Task<IList<RealmDek>> GetDeks(CancellationToken ct = default)
|
|
{
|
|
Realm realm = GetRealm();
|
|
if (realm.Deks.Count == 0)
|
|
{
|
|
await realmService.LoadDeks(realm);
|
|
}
|
|
|
|
return realm.Deks;
|
|
}
|
|
} |