key

docs/opc-publisher/commandline.md

@@ -18,7 +18,6 @@ When both environment variable and CLI argument are provided, the command line o
 ╚██████╔╝██║     ╚██████╗    ██║     ╚██████╔╝██████╔╝███████╗██║███████║██║  ██║███████╗██║  ██║
  ╚═════╝ ╚═╝      ╚═════╝    ╚═╝      ╚═════╝ ╚═════╝ ╚══════╝╚═╝╚══════╝╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝
                                                    2.9.4 (.NET 8.0.1/win-x64/OPC Stack 1.5.373.3)
-
 General
 -------
 
@@ -67,6 +66,11 @@ General
                                reports its runtime state using a restart
                                message.
                                Default: `False` (disabled)
+      --api-key, --ApiKey=VALUE
+                             Sets the api key that must be used to authenticate
+                               calls on the publisher REST endpoint.
+                               Default: `not set` (Key will be generated if not
+                               available)
       --doa, --disableopenapi, --DisableOpenApiEndpoint[=VALUE]
                              Disable the OPC Publisher Open API endpoint
                                exposed by the built-in HTTP server.

src/Azure.IIoT.OpcUa.Publisher.Module/src/Runtime/CommandLine.cs

@@ -81,6 +81,9 @@ public CommandLine(string[] args, CommandLineLogger? logger = null)
                 { $"rs|runtimestatereporting:|{PublisherConfig.EnableRuntimeStateReportingKey}:",
                     "Enable that when publisher starts or restarts it reports its runtime state using a restart message.\nDefault: `False` (disabled)\n",
                     (bool? b) => this[PublisherConfig.EnableRuntimeStateReportingKey] = b?.ToString() ?? "True"},
+                { $"api-key=|{PublisherConfig.ApiKeyOverrideKey}=",
+                    "Sets the api key that must be used to authenticate calls on the publisher REST endpoint.\nDefault: `not set` (Key will be generated if not available) \n",
+                    s => this[PublisherConfig.ApiKeyOverrideKey] = s},
                 { $"doa|disableopenapi:|{PublisherConfig.DisableOpenApiEndpointKey}:",
                     "Disable the OPC Publisher Open API endpoint exposed by the built-in HTTP server.\nDefault: `False` (enabled).\n",
                     (bool? b) => this[PublisherConfig.DisableOpenApiEndpointKey] = b?.ToString() ?? "True" },

src/Azure.IIoT.OpcUa.Publisher.Service.WebApi/src/Azure.IIoT.OpcUa.Publisher.Service.WebApi.csproj

@@ -20,7 +20,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
     <PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.NewtonsoftJson" Version="8.0.1" />
     <PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.MessagePack" Version="8.0.1" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="2.16.1" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="2.17.0" />
     <PackageReference Include="System.Security.Cryptography.Pkcs" Version="8.0.0" />
     <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.7.0" />
     <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.7.0" />

src/Azure.IIoT.OpcUa.Publisher/src/Runtime/PublisherConfig.cs

@@ -63,6 +63,7 @@ public sealed class PublisherConfig : PostConfigureOptionBase<PublisherOptions>
         public const string RenewTlsCertificateOnStartupKey = "RenewTlsCertificateOnStartup";
         public const string DefaultTransportKey = "DefaultTransport";
         public const string DefaultQualityOfServiceKey = "DefaultQualityOfService";
+        public const string ApiKeyOverrideKey = "ApiKey";
 #pragma warning restore CS1591 // Missing XML comment for publicly visible type or member
 
         /// <summary>
@@ -380,6 +381,11 @@ public override void PostConfigure(string? name, PublisherOptions options)
                 }
                 options.DefaultNamespaceFormat = namespaceFormat;
             }
+
+            if (options.ApiKeyOverride == null)
+            {
+                options.ApiKeyOverride = GetStringOrDefault(ApiKeyOverrideKey);
+            }
         }
 
         /// <summary>

src/Azure.IIoT.OpcUa.Publisher/src/Runtime/PublisherOptions.cs

@@ -199,5 +199,10 @@ public sealed class PublisherOptions
         /// Scale test option
         /// </summary>
         public int? ScaleTestCount { get; set; }
+
+        /// <summary>
+        /// Allow setting or overriding the current api key
+        /// </summary>
+        public string? ApiKeyOverride { get; set; }
     }
 }

src/Azure.IIoT.OpcUa.Publisher/src/Services/RuntimeStateReporter.cs

@@ -172,9 +172,21 @@ private async Task UpdateApiKeyAndCertificateAsync()
                 ApiKey = (string?)apiKeyStore.State[OpcUa.Constants.TwinPropertyApiKeyKey];
                 _logger.LogInformation("Api Key exists in {Store} store...", apiKeyStore.Name);
             }
-            else
+
+            if (!string.IsNullOrWhiteSpace(_options.Value.ApiKeyOverride) &&
+                ApiKey != _options.Value.ApiKeyOverride)
+            {
+                Debug.Assert(_stores.Count > 0);
+                _logger.LogInformation("Using Api Key provided in configuration...");
+                ApiKey = _options.Value.ApiKeyOverride;
+
+                _stores[0].State.Add(OpcUa.Constants.TwinPropertyApiKeyKey, ApiKey);
+            }
+
+            if (string.IsNullOrWhiteSpace(ApiKey))
             {
                 Debug.Assert(_stores.Count > 0);
+
                 _logger.LogInformation("Generating new Api Key in {Store} store...",
                     _stores[0].Name);
                 ApiKey = RandomNumberGenerator.GetBytes(20).ToBase64String();