Service name
Tekelija.Masstransit.MessageDataRepository
Description
General-purpose service (although used for masstransit message data transport) that stores and retrieves arbitrary binary objects (blobs), with optional encryption at rest using an encryption certificate. Every blob has an expiration date: if it is not explicitly set during creation, the default time to live (in hours) is used. So that expiration actually has an effect, the service runs an internal cron job that clears all expired data every 10 minutes.
Requirements
- database backend for storing message metadata (mandatory). The database backend may be mongodb, mssql, sqlite or mysql, and the default is sqlite, so we can say that this is not a requirement per se :)
- encryption certificate (optional): to encrypt stored blobs you will need an encryption certificate. Such certificates MAY be created using the Authenticatomatic.CLI tool, for example.
Configuration
Module config
{
  "MessageDataRepository": {
    "Database": null,
    "ConnectionString": null,
    "DefaultTTL": null,
    "Storage": {
      "Root": null,
      "CertificatePath": null,
      "CertificatePassword": null
    }
  }
}
Name | Type | Default | Description |
---|---|---|---|
Database | string | sqlite | Database type: mssql, mysql, mongodb or sqlite |
ConnectionString | string | datasource=./messagedatarepository.db;cache=shared; | Connection string, default value is set only if Database is not configured |
DefaultTTL | int | 12 | Default message retention time (if not set per message) in hours |
Storage | StorageConfiguration | see below | Storage configuration |
Storage configuration:
Name | Type | Default | Description |
---|---|---|---|
Root | string | ./storage | Folder to store blobs, default is relative to working directory |
CertificatePath | string | null | Path to encryption certificate (pfx). If null, no encryption will be used |
CertificatePassword | string | null | Encryption certificate password, if any |
Authorization config
{
  "AuthServer": {
    "Issuer": "https://authenticatomatic.urszr.si:22000",
    "ClientId": null,
    "ClientSecret": null,
    "Audience": null
  }
}
Name | Type | Default | Description |
---|---|---|---|
Issuer | string | null | OAuth server url |
ClientId | string | null | Authorization app id |
ClientSecret | string | null | Authorization app secret |
Audience | string[] | null | Array of audiences (scope resources) to be used in token validation |
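A pre-deployment check over the module and authorization settings described above, written as an added example (it is not part of the service or its tooling). It assumes both sections live in one JSON document; the finding codes and sample values are hypothetical.

```python
import json
from pathlib import PurePosixPath, PureWindowsPath
from urllib.parse import urlparse

# Constructed sample (not a real deployment): both config sections from this
# page in one JSON document, with illustrative values filled in.
SAMPLE_CONFIG = """
{
  "MessageDataRepository": {
    "Database": null, "ConnectionString": null, "DefaultTTL": null,
    "Storage": {"Root": null, "CertificatePath": "./blob.pfx",
                "CertificatePassword": "hunter2"}
  },
  "AuthServer": {"Issuer": "http://auth.example.test:22000", "ClientId": "mdr",
                 "ClientSecret": "s3cr3t", "Audience": null}
}
"""

def audit(config: dict) -> list:
    """Return finding codes (hypothetical names) for weak settings."""
    storage = (config.get("MessageDataRepository") or {}).get("Storage") or {}
    auth = config.get("AuthServer") or {}
    findings = []
    # Storage table: a null CertificatePath means no encryption is used.
    if not storage.get("CertificatePath"):
        findings.append("NO_ENCRYPTION_AT_REST")
    # Inline secrets are readable by anyone who can read the config file.
    if storage.get("CertificatePassword"):
        findings.append("CERT_PASSWORD_IN_FILE")
    if auth.get("ClientSecret"):
        findings.append("CLIENT_SECRET_IN_FILE")
    # Root defaults to ./storage, relative to the working directory, so the
    # blob location changes with how the service is started.
    root = storage.get("Root") or "./storage"
    if not (PurePosixPath(root).is_absolute() or PureWindowsPath(root).is_absolute()):
        findings.append("RELATIVE_STORAGE_ROOT")
    # Token validation depends on the issuer; plain HTTP can be tampered with.
    if urlparse(auth.get("Issuer") or "").scheme != "https":
        findings.append("ISSUER_NOT_HTTPS")
    # No audiences are listed for token validation; confirm that is intended.
    if not auth.get("Audience"):
        findings.append("NO_AUDIENCE_CONFIGURED")
    return findings

if __name__ == "__main__":
    for code in audit(json.loads(SAMPLE_CONFIG)):
        print(code)
```

Run against the configuration exactly as listed on this page (all module values null), it reports missing encryption at rest, a relative storage root and no configured audience.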
Usage
Service exposes two endpoints:
Store blob
POST /<id>
where id is an arbitrary blob identifier
Query params:
Name | Description |
---|---|
ttl | Time to live - timespan when message is eligible for removal, formatted as ‘+-hh:mm:ss’. Parameter is optional, and if not supplied, configured default time to live will be used |
Returns:
201 Created, with blob retrieval url set in the Location header
* Mark bundle as not supporting multiuse
< HTTP/1.1 201 Created
< Content-Length: 0
< Date: Wed, 22 Jun 2022 20:17:19 GMT
< Server: Kestrel
< Location: http://localhost:5210/593eb285-5edc-4030-abb5-34d15672118f
Example
curl --location --request POST 'http://localhost:5210/593EB285-5EDC-4030-ABB5-34D15672118F?ttl=-2:00:00' \
--data-binary '@./Asterisk-manager-win-x64.zip'
Retrieve blob
POST /<id>
where id is, again, an arbitrary blob identifier. This endpoint returns the blob as application/octet-stream, or 404 if either data or stored blob can't be found.