Class ProfileServer

Implements a named-pipe based server that will be used to receive requests from MaintainerProfile. This server listens on a named pipe and only allows connections from other processes running on behalf of the current user.

Inheritance

object

ProfileServer

Namespace: Neon.Deployment

Assembly: Neon.Deployment.dll

Syntax

public sealed class ProfileServer

Remarks

note

This class currently supports only Windows.

This server implements simple string based request response protocol, where the client writes a line of text with the request and the server sends a line of text as the response. Only one request/response per client pipe connection is allowed. Requests are formatted like:

COMMAND: [ ARG1=VALUE1, ARG2=VALUE2,... ]

where COMMAND is one of the values below with one or more comma separated arguments formatted as name/value pairs. Response lines are formatted like:

OK: OK: RESULT OK-JSON: JSON ERROR: MESSAGE

where the "OK:" and "OK-JSON:" prefixes indicate that the operation succeeded. Some operations like password or value lookups simply return the request result as the string after the prefix. Future operations may return a JSON result.

The ERROR[STATUS]: prefix indicates an error occured. STATUS identifies the specific error and the response will typically include an message describing what happened. The supported status codes are defined by ProfileStatus.

Here are the supported commands:

ENSURE-AUTHENTICATED	`(seconds)` Ensures that the profile server is currently signed-in and also extends the sign-in period.
SIGN-OUT	Signs the profile server out of the credentials source.
GET-SECRET-PASSWORD	`(name, [vault], [masterpassword])` This requests a password from 1Password by name and vault, which is optional and defaults to the user name as defined by the userVault Neon Assistant setting. The password is returned as the response. masterpassword is optional. This is passed in circumstances where the caller already knows the master password, such as for fully automated CI/CD operations. note The value returned by the protocol is value encoded as UTF-8 and then converted to base64. This allows for multi-line results.
GET-SECRET-VALUE	`(name, [vault], [masterpassword])` This requests a secret value from 1Password by name and vault, which is optional and defaults to the user name as defined by the userVault Neon Assistant setting. The value is returned as the response. masterpassword is optional. This is passed in circumstances where the caller already knows the master password, such as for fully automated CI/CD operations. note The value returned by the protocol is value encoded as UTF-8 and then converted to base64. This allows for multi-line results.
GET-PROFILE-VALUE	`(name)` This requests a profile value the user's local profile by `NAME`. he value is returned as the response. note The value returned by the protocol is value encoded as UTF-8 and then converted to base64. This allows for multi-line results.
CALL	This submits an arbitrary operation to the server, passing arguments and returning a result string. We're using this to workaround some limitations with the GHCR REST API by locating the implementation in neon-assistant. We may use this in the future for other neon-assistant interactions. note The value returned by the protocol is value encoded as UTF-8 and then converted to base64. This allows for multi-line results.

Constructors

ProfileServer(string, int)

Constructor.

note

ProfileServer currently supports only Windows.

Declaration

public ProfileServer(string pipeName = "neon-profile-service", int threadCount = 10)

Parameters

Type	Name	Description
string	pipeName	The server named pipe name. This defaults to NeonProfileServicePipe.
int	threadCount	Optionally specifies the number of threads to create to handle inbound requests. This defaults to 10.

Properties

CallHandler

Callback that performs an arbitrary operation.

note

This must be initalized before calling Start().

Declaration

public Func<ProfileRequest, ProfileHandlerResult> CallHandler { get; set; }

Property Value

Type	Description
Func<ProfileRequest, ProfileHandlerResult>

EnsureAuthenticatedHandler

Callback that ensures that the server is signed-in and also extends the sign-in period.

note

This must be initalized before calling Start().

Declaration

public Func<ProfileRequest, ProfileHandlerResult> EnsureAuthenticatedHandler { get; set; }

Property Value

Type	Description
Func<ProfileRequest, ProfileHandlerResult>

GetIsReady

Optional callback used to determine whether the profile server implementation is ready for requests. The handler returns null when ready or a ProfileHandlerResult error to be returned to the caller.

Declaration

public Func<ProfileHandlerResult> GetIsReady { get; set; }

Property Value

Type	Description
Func<ProfileHandlerResult>

GetProfileValueHandler

Callback that retrieves a profile value. The parameters is the profile value name.

note

This must be initalized before calling Start().

Declaration

public Func<ProfileRequest, string, ProfileHandlerResult> GetProfileValueHandler { get; set; }

Property Value

Type	Description
Func<ProfileRequest, string, ProfileHandlerResult>

GetSecretPasswordHandler

Callback that retrieves a secret password. The parameters are the secret name optional vault and master password.

note

This must be initalized before calling Start().

Declaration

public Func<ProfileRequest, string, string, string, ProfileHandlerResult> GetSecretPasswordHandler { get; set; }

Property Value

Type	Description
Func<ProfileRequest, string, string, string, ProfileHandlerResult>

GetSecretValueHandler

Callback that retrieves a secret value. The parameters are the secret name optional vault, and master password.

note

This must be initalized before calling Start().

Declaration

public Func<ProfileRequest, string, string, string, ProfileHandlerResult> GetSecretValueHandler { get; set; }

Property Value

Type	Description
Func<ProfileRequest, string, string, string, ProfileHandlerResult>

SignoutHandler

Callback that signs the server out from the credentials source.

note

This must be initalized before calling Start().

Declaration

public Func<ProfileRequest, ProfileHandlerResult> SignoutHandler { get; set; }

Property Value

Type	Description
Func<ProfileRequest, ProfileHandlerResult>

Methods

Dispose()

Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.

Declaration

public void Dispose()

ParseSecretName(string)

Parses a secret name by extracting the name and property components. secret names can be formatted like: NAME or NAME[PROPERTY].

note

When the property syntax passed is malformed, we're just going to return the entire input string as the name rather than throwing an exception here. This will probably result in a failed lookup which will be reported to the user who will have a good chance then of figuring out what happened.

Declaration

public static (string Name, string Property) ParseSecretName(string secretName)

Parameters

Type	Name	Description
string	secretName	The secret name.

Returns

Type	Description
(string Name, string Property)	An anonymous structure including the name and property (if specified).

Start()

Starts the server. You must call this after configuring the handler callbacks.

Declaration

public void Start()

Exceptions

Type	Condition
InvalidOperationException	Thrown if any of the handlers are not initialized.