Add secrets studio module

Elsa.Studio.sln

@@ -134,6 +134,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Elsa.Studio.Diagnostics.Con
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Elsa.Studio.Diagnostics.ConsoleLogs.Tests", "src\modules\Elsa.Studio.Diagnostics.ConsoleLogs.Tests\Elsa.Studio.Diagnostics.ConsoleLogs.Tests.csproj", "{452ED38D-72DA-4C11-8EBE-AAD0C5608E20}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Elsa.Studio.Secrets", "src\modules\Elsa.Studio.Secrets\Elsa.Studio.Secrets.csproj", "{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}"
+EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Elsa.Studio.Alterations", "src\modules\Elsa.Studio.Alterations\Elsa.Studio.Alterations.csproj", "{250EE233-BF7A-459C-8FC9-B26D81880442}"
 EndProject
 Global
@@ -651,6 +653,18 @@ Global
 		{452ED38D-72DA-4C11-8EBE-AAD0C5608E20}.Release|x64.Build.0 = Release|Any CPU
 		{452ED38D-72DA-4C11-8EBE-AAD0C5608E20}.Release|x86.ActiveCfg = Release|Any CPU
 		{452ED38D-72DA-4C11-8EBE-AAD0C5608E20}.Release|x86.Build.0 = Release|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Debug|x64.Build.0 = Debug|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Debug|x86.Build.0 = Debug|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Release|Any CPU.Build.0 = Release|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Release|x64.ActiveCfg = Release|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Release|x64.Build.0 = Release|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Release|x86.ActiveCfg = Release|Any CPU
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C}.Release|x86.Build.0 = Release|Any CPU
 		{250EE233-BF7A-459C-8FC9-B26D81880442}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{250EE233-BF7A-459C-8FC9-B26D81880442}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{250EE233-BF7A-459C-8FC9-B26D81880442}.Debug|x64.ActiveCfg = Debug|Any CPU
@@ -721,6 +735,7 @@ Global
 		{F8CBDB48-0DD5-42F1-8970-B9DCF3BBF19F} = {CFC0C2A5-0013-4767-A743-BF0CEC0DEA25}
 		{E1A05EA0-466A-422D-86A1-92574CCA9A2B} = {9496DC7B-D390-44C6-86C7-B49CFEB3DDBF}
 		{452ED38D-72DA-4C11-8EBE-AAD0C5608E20} = {9496DC7B-D390-44C6-86C7-B49CFEB3DDBF}
+		{BC7D8A73-A386-4D89-9CBF-88BDC18CC85C} = {D66B9A40-8608-46F3-9868-625C50EACE43}
 		{250EE233-BF7A-459C-8FC9-B26D81880442} = {D66B9A40-8608-46F3-9868-625C50EACE43}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution

src/bundles/Elsa.Studio/Elsa.Studio.csproj

@@ -10,6 +10,7 @@
         <ProjectReference Include="..\..\modules\Elsa.Studio.Dashboard\Elsa.Studio.Dashboard.csproj"/>
         <ProjectReference Include="..\..\modules\Elsa.Studio.Diagnostics.ConsoleLogs\Elsa.Studio.Diagnostics.ConsoleLogs.csproj"/>
         <ProjectReference Include="..\..\modules\Elsa.Studio.Diagnostics.StructuredLogs\Elsa.Studio.Diagnostics.StructuredLogs.csproj"/>
+        <ProjectReference Include="..\..\modules\Elsa.Studio.Secrets\Elsa.Studio.Secrets.csproj"/>
         <ProjectReference Include="..\..\modules\Elsa.Studio.Workflows\Elsa.Studio.Workflows.csproj"/>
     </ItemGroup>
 

src/hosts/Elsa.Studio.Host.CustomElements/Elsa.Studio.Host.CustomElements.csproj

@@ -26,6 +26,7 @@
         <ProjectReference Include="..\..\framework\Elsa.Studio.Shell\Elsa.Studio.Shell.csproj"/>
         <ProjectReference Include="..\..\modules\Elsa.Studio.Localization.BlazorWasm\Elsa.Studio.Localization.BlazorWasm.csproj" />
         <ProjectReference Include="..\..\modules\Elsa.Studio.Login\Elsa.Studio.Login.csproj" />
+        <ProjectReference Include="..\..\modules\Elsa.Studio.Secrets\Elsa.Studio.Secrets.csproj" />
         <ProjectReference Include="..\..\modules\Elsa.Studio.Workflows\Elsa.Studio.Workflows.csproj" />
     </ItemGroup>
 

src/hosts/Elsa.Studio.Host.CustomElements/Program.cs

@@ -12,6 +12,7 @@
 using Elsa.Studio.Localization.Models;
 using Elsa.Studio.Localization.BlazorWasm.Extensions;
 using Elsa.Studio.Models;
+using Elsa.Studio.Secrets.Extensions;
 using Elsa.Studio.Workflows.Designer.Extensions;
 using Microsoft.AspNetCore.Components.Web;
 using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
@@ -54,6 +55,7 @@
 builder.Services.Replace(ServiceDescriptor.Scoped<IRemoteBackendAccessor, ComponentRemoteBackendAccessor>());
 builder.Services.AddScoped<IHttpConnectionOptionsConfigurator, BackendServiceHttpConnectionOptionsConfigurator>();
 builder.Services.AddWorkflowsModule();
+builder.Services.AddSecretsModule(backendApiConfig);
 builder.Services.AddLocalizationModule(localizationConfig);
 builder.Services.AddScoped<ITimeZoneProvider, LocalTimeZoneProvider>();
 
@@ -68,4 +70,3 @@
 
 // Run the application.
 await app.RunAsync();
-

src/hosts/Elsa.Studio.Host.Server/Elsa.Studio.Host.Server.csproj

@@ -24,6 +24,7 @@
         <ProjectReference Include="..\..\modules\Elsa.Studio.Dashboard\Elsa.Studio.Dashboard.csproj" />
         <ProjectReference Include="..\..\modules\Elsa.Studio.Labels\Elsa.Studio.Labels.csproj" />
         <ProjectReference Include="..\..\modules\Elsa.Studio.Localization.BlazorServer\Elsa.Studio.Localization.BlazorServer.csproj" />
+        <ProjectReference Include="..\..\modules\Elsa.Studio.Secrets\Elsa.Studio.Secrets.csproj" />
         <ProjectReference Include="..\..\modules\Elsa.Studio.Workflows\Elsa.Studio.Workflows.csproj" />
     </ItemGroup>
 

src/hosts/Elsa.Studio.Host.Server/Program.cs

@@ -19,6 +19,7 @@
 using Elsa.Studio.Models;
 using Elsa.Studio.Diagnostics.ConsoleLogs.Extensions;
 using Elsa.Studio.Diagnostics.StructuredLogs.Extensions;
+using Elsa.Studio.Secrets.Extensions;
 using Elsa.Studio.Shell.Extensions;
 using Elsa.Studio.Translations;
 using Elsa.Studio.Workflows.ActivityPickers.Treeview;
@@ -120,6 +121,7 @@
 builder.Services.AddAlterationsModule();
 builder.Services.AddConsoleLogsModule(backendApiConfig);
 builder.Services.AddStructuredLogsModule(backendApiConfig);
+builder.Services.AddSecretsModule(backendApiConfig);
 builder.Services.AddLocalizationModule(localizationConfig);
 builder.Services.AddTranslations();
 

src/hosts/Elsa.Studio.Host.Wasm/Elsa.Studio.Host.Wasm.csproj

@@ -32,6 +32,7 @@
       <ProjectReference Include="..\..\modules\Elsa.Studio.Localization.BlazorWasm\Elsa.Studio.Localization.BlazorWasm.csproj" />
       <ProjectReference Include="..\..\modules\Elsa.Studio.Login.BlazorWasm\Elsa.Studio.Login.BlazorWasm.csproj" />
       <ProjectReference Include="..\..\modules\Elsa.Studio.Login\Elsa.Studio.Login.csproj" />
+      <ProjectReference Include="..\..\modules\Elsa.Studio.Secrets\Elsa.Studio.Secrets.csproj" />
     </ItemGroup>
 
 </Project>

src/hosts/Elsa.Studio.Host.Wasm/Program.cs

@@ -22,6 +22,7 @@
 using Elsa.Studio.Login.HttpMessageHandlers;
 using Elsa.Studio.Diagnostics.ConsoleLogs.Extensions;
 using Elsa.Studio.Diagnostics.StructuredLogs.Extensions;
+using Elsa.Studio.Secrets.Extensions;
 
 // Build the host.
 var builder = WebAssemblyHostBuilder.CreateDefault(args);
@@ -94,6 +95,7 @@
 services.AddAlterationsModule();
 services.AddConsoleLogsModule(backendApiConfig);
 services.AddStructuredLogsModule(backendApiConfig);
+services.AddSecretsModule(backendApiConfig);
 services.AddLocalizationModule(localizationConfig);
 
 // Build the application.

src/modules/Elsa.Studio.Secrets/Client/ISecretsApi.cs

@@ -0,0 +1,34 @@
+using Elsa.Studio.Secrets.Models;
+using Refit;
+
+namespace Elsa.Studio.Secrets.Client;
+
+public interface ISecretsApi
+{
+    [Get("/secrets")]
+    Task<ListSecretsResponse> ListAsync(string? search = null, string? typeName = null, string? storeName = null, string? scope = null, SecretStatus? status = null, int? page = null, int? pageSize = null, CancellationToken cancellationToken = default);
+
+    [Get("/secrets/{name}")]
+    Task<SecretModel> GetAsync(string name, CancellationToken cancellationToken = default);
+
+    [Post("/secrets")]
+    Task<SecretModel> CreateAsync([Body] CreateSecretRequest request, CancellationToken cancellationToken = default);
+
+    [Post("/secrets/{name}/rotate")]
+    Task<SecretModel> RotateAsync(string name, [Body] RotateSecretRequest request, CancellationToken cancellationToken = default);
+
+    [Post("/secrets/{name}/revoke")]
+    Task<SecretModel> RevokeAsync(string name, CancellationToken cancellationToken = default);
+
+    [Delete("/secrets/{name}")]
+    Task DeleteAsync(string name, CancellationToken cancellationToken = default);
+
+    [Post("/secrets/{name}/test")]
+    Task<SecretTestResponse> TestAsync(string name, CancellationToken cancellationToken = default);
+
+    [Get("/secrets/descriptors")]
+    Task<SecretDescriptorsResponse> GetDescriptorsAsync(CancellationToken cancellationToken = default);
+
+    [Post("/secrets/picker")]
+    Task<SecretPickerResponse> PickAsync([Body] SecretPickerRequest request, CancellationToken cancellationToken = default);
+}

src/modules/Elsa.Studio.Secrets/Components/CreateSecretDialog.razor

@@ -0,0 +1,86 @@
+@using Elsa.Studio.Contracts
+@using Elsa.Studio.Secrets.Client
+@inject IBackendApiClientProvider ApiClientProvider
+
+<MudDialog>
+    <DialogContent>
+        <MudForm @ref="_form">
+            <MudStack Spacing="4">
+                <MudTextField @bind-Value="_model.Name" Label="Technical name" Required="true" Variant="Variant.Outlined" />
+                <MudTextField @bind-Value="_model.DisplayName" Label="Display name" Variant="Variant.Outlined" />
+                <MudTextField @bind-Value="_model.Description" Label="Description" Lines="3" Variant="Variant.Outlined" />
+
+                <MudSelect T="string" Value="_model.TypeName" ValueChanged="OnTypeChanged" Label="Type" Required="true" Variant="Variant.Outlined">
+                    @foreach (var type in Descriptors.Types)
+                    {
+                        <MudSelectItem T="string" Value="@type.Name">@type.DisplayName</MudSelectItem>
+                    }
+                </MudSelect>
+
+                <MudSelect T="string" @bind-Value="_model.StoreName" Label="Store" Required="true" Variant="Variant.Outlined">
+                    @foreach (var store in CompatibleStores)
+                    {
+                        <MudSelectItem T="string" Value="@store.Name">@store.DisplayName</MudSelectItem>
+                    }
+                </MudSelect>
+
+                @if (_model.StoreName == SecretStoreNames.Configuration)
+                {
+                    <MudTextField @bind-Value="_model.ConfigurationKey" Label="Configuration key" Required="true" Variant="Variant.Outlined" />
+                }
+                else
+                {
+                    <MudTextField @bind-Value="_model.Value" Label="Value" Required="true" InputType="InputType.Password" Variant="Variant.Outlined" />
+                }
+
+                <MudTextField @bind-Value="_model.Scope" Label="Scope" Variant="Variant.Outlined" />
+            </MudStack>
+        </MudForm>
+    </DialogContent>
+    <DialogActions>
+        <MudButton OnClick="Cancel">Cancel</MudButton>
+        <MudButton Color="Color.Primary" Variant="Variant.Filled" OnClick="Submit">Create</MudButton>
+    </DialogActions>
+</MudDialog>
+
+@code {
+    private MudForm _form = default!;
+    private readonly CreateSecretRequest _model = new();
+
+    [Parameter] public SecretDescriptorsResponse Descriptors { get; set; } = new();
+    [CascadingParameter] private IMudDialogInstance MudDialog { get; set; } = default!;
+
+    private IEnumerable<SecretStoreDescriptor> CompatibleStores
+    {
+        get
+        {
+            var type = Descriptors.Types.FirstOrDefault(x => x.Name == _model.TypeName);
+            return type == null
+                ? Descriptors.Stores
+                : Descriptors.Stores.Where(x => type.SupportedStoreNames.Contains(x.Name, StringComparer.OrdinalIgnoreCase));
+        }
+    }
+
+    protected override void OnParametersSet()
+    {
+        _model.TypeName = Descriptors.Types.FirstOrDefault()?.Name ?? SecretTypeNames.Text;
+        _model.StoreName = CompatibleStores.FirstOrDefault()?.Name ?? SecretStoreNames.Encrypted;
+    }
+
+    private void OnTypeChanged(string typeName)
+    {
+        _model.TypeName = typeName;
+        _model.StoreName = CompatibleStores.FirstOrDefault()?.Name ?? SecretStoreNames.Encrypted;
+    }
+
+    private void Cancel() => MudDialog.Cancel();
+
+    private async Task Submit()
+    {
+        await _form.Validate();
+        if (!_form.IsValid)
+            return;
+
+        MudDialog.Close(_model);
+    }
+}

src/modules/Elsa.Studio.Secrets/Components/SecretPicker.razor

@@ -0,0 +1,90 @@
+@using Elsa.Studio.Contracts
+@using Elsa.Studio.Secrets.Client
+@inject IBackendApiClientProvider ApiClientProvider
+@inject IDialogService DialogService
+@inject ISnackbar Snackbar
+
+<MudStack Row="true" AlignItems="AlignItems.Center" Spacing="2">
+    <MudSelect T="string" Value="Value" ValueChanged="OnValueChanged" Label="@Label" Dense="true" Variant="Variant.Outlined" Clearable="true" Class="flex-grow-1">
+        @foreach (var secret in _items)
+        {
+            <MudSelectItem T="string" Value="@secret.Name">@secret.DisplayName (@secret.Name)</MudSelectItem>
+        }
+    </MudSelect>
+    @if (AllowInlineCreate && _canCreateInline)
+    {
+        <MudTooltip Text="Create secret">
+            <MudIconButton Icon="@Icons.Material.Filled.Add" Color="Color.Primary" OnClick="CreateInlineAsync" />
+        </MudTooltip>
+    }
+</MudStack>
+
+@code {
+    private ICollection<SecretModel> _items = [];
+    private SecretDescriptorsResponse _descriptors = new();
+    private bool _canCreateInline;
+    private string[]? _loadedTypeNames;
+    private string? _loadedScope;
+
+    [Parameter] public string? Value { get; set; }
+    [Parameter] public EventCallback<string?> ValueChanged { get; set; }
+    [Parameter] public string Label { get; set; } = "Secret";
+    [Parameter] public ICollection<string> TypeNames { get; set; } = [];
+    [Parameter] public string? Scope { get; set; }
+    [Parameter] public bool AllowInlineCreate { get; set; } = true;
+
+    protected override async Task OnParametersSetAsync()
+    {
+        if (ShouldLoad())
+            await LoadAsync();
+    }
+
+    private async Task LoadAsync()
+    {
+        try
+        {
+            var api = await ApiClientProvider.GetApiAsync<ISecretsApi>();
+            _descriptors = await api.GetDescriptorsAsync();
+            var response = await api.PickAsync(new SecretPickerRequest { TypeNames = TypeNames, Scope = Scope });
+            _items = response.Items;
+            _canCreateInline = response.CanCreateInline;
+            _loadedTypeNames = TypeNames.ToArray();
+            _loadedScope = Scope;
+        }
+        catch (Exception e)
+        {
+            _items = [];
+            _canCreateInline = false;
+            Snackbar.Add(e.Message, Severity.Error);
+        }
+    }
+
+    private bool ShouldLoad()
+    {
+        return _loadedTypeNames == null || !TypeNames.SequenceEqual(_loadedTypeNames) || !string.Equals(Scope, _loadedScope, StringComparison.Ordinal);
+    }
+
+    private Task OnValueChanged(string? value) => ValueChanged.InvokeAsync(value);
+
+    private async Task CreateInlineAsync()
+    {
+        var parameters = new DialogParameters<CreateSecretDialog> { { x => x.Descriptors, _descriptors } };
+        var options = new DialogOptions { CloseOnEscapeKey = true, CloseButton = true, FullWidth = true, MaxWidth = MaxWidth.Small };
+        var dialog = await DialogService.ShowAsync<CreateSecretDialog>("Create Secret", parameters, options);
+        var result = await dialog.Result;
+        if (result is not { Canceled: false, Data: CreateSecretRequest request })
+            return;
+
+        try
+        {
+            var api = await ApiClientProvider.GetApiAsync<ISecretsApi>();
+            var created = await api.CreateAsync(request);
+            await LoadAsync();
+            await ValueChanged.InvokeAsync(created.Name);
+        }
+        catch (Exception e)
+        {
+            Snackbar.Add(e.Message, Severity.Error);
+        }
+    }
+}

src/modules/Elsa.Studio.Secrets/Elsa.Studio.Secrets.csproj

@@ -0,0 +1,17 @@
+<Project Sdk="Microsoft.NET.Sdk.Razor">
+
+    <PropertyGroup>
+        <Description>Adds secret management and picker UX to Elsa Studio.</Description>
+        <PackageTags>elsa studio module secrets security</PackageTags>
+        <NoWarn>$(NoWarn);CS1591</NoWarn>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <SupportedPlatform Include="browser" />
+    </ItemGroup>
+
+    <ItemGroup>
+        <ProjectReference Include="..\..\framework\Elsa.Studio.Shared\Elsa.Studio.Shared.csproj" />
+    </ItemGroup>
+
+</Project>

src/modules/Elsa.Studio.Secrets/Extensions/ServiceCollectionExtensions.cs

@@ -0,0 +1,19 @@
+using Elsa.Studio.Contracts;
+using Elsa.Studio.Extensions;
+using Elsa.Studio.Models;
+using Elsa.Studio.Secrets.Client;
+using Elsa.Studio.Secrets.Menu;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Elsa.Studio.Secrets.Extensions;
+
+public static class ServiceCollectionExtensions
+{
+    public static IServiceCollection AddSecretsModule(this IServiceCollection services, BackendApiConfig backendApiConfig)
+    {
+        return services
+            .AddScoped<IFeature, Feature>()
+            .AddScoped<IMenuProvider, SecretsMenu>()
+            .AddRemoteApi<ISecretsApi>(backendApiConfig);
+    }
+}

src/modules/Elsa.Studio.Secrets/Feature.cs

@@ -0,0 +1,10 @@
+using Elsa.Studio.Abstractions;
+using Elsa.Studio.Attributes;
+
+namespace Elsa.Studio.Secrets;
+
+[RemoteFeature(RemoteFeatureName)]
+public class Feature : FeatureBase
+{
+    public const string RemoteFeatureName = "Elsa.Secrets.ShellFeatures.Secrets";
+}

src/modules/Elsa.Studio.Secrets/FodyWeavers.xml

@@ -0,0 +1,3 @@
+<Weavers>
+    <ConfigureAwait ContinueOnCapturedContext="false" />
+</Weavers>