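using Microsoft.AspNetCore.DataProtection;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using ScadaLink.ConfigurationDatabase;

namespace ScadaLink.ConfigurationDatabase.Tests;

/// <summary>
/// Verifies that two independently built service containers can share one
/// ASP.NET Core Data Protection key ring when both persist their keys to the
/// same SQLite-backed <see cref="ScadaLinkDbContext"/>.
/// </summary>
/// <remarks>
/// NOTE(review): the generic type arguments below (<c>&lt;ScadaLinkDbContext&gt;</c>,
/// <c>&lt;IDataProtectionProvider&gt;</c>) were missing from the listing, which
/// cannot compile without them. They are restored on the assumption that
/// <see cref="ScadaLinkDbContext"/> is the only context involved and implements
/// <c>IDataProtectionKeyContext</c> - confirm against the project.
/// </remarks>
public class DataProtectionTests : IDisposable
{
    private readonly string _dbPath;

    /// <summary>
    /// Picks a unique temp-file path per test instance so parallel runs never
    /// share (or leak) a key ring.
    /// </summary>
    public DataProtectionTests()
    {
        _dbPath = Path.Combine(Path.GetTempPath(), $"scadalink_dp_test_{Guid.NewGuid()}.db");
    }

    /// <summary>
    /// Removes the temporary database, which holds the test key ring.
    /// </summary>
    public void Dispose()
    {
        // NOTE(review): depending on the Microsoft.Data.Sqlite version, pooled
        // connections may still hold the file open here (notably on Windows);
        // if deletion fails intermittently, clear the connection pools first.
        if (File.Exists(_dbPath))
        {
            File.Delete(_dbPath);
        }
    }

    /// <summary>
    /// Protects a payload in one container and unprotects it in a second one
    /// that shares only the database, the application name and the purpose.
    /// </summary>
    [Fact]
    public void SharedDataProtection_ProtectAndUnprotect_AcrossContainers()
    {
        var connectionString = $"DataSource={_dbPath}";

        // Create the database schema
        var setupOptions = new DbContextOptionsBuilder<ScadaLinkDbContext>()
            .UseSqlite(connectionString)
            .Options;
        using (var setupCtx = new ScadaLinkDbContext(setupOptions))
        {
            setupCtx.Database.EnsureCreated();
        }

        // Container 1: protect some data.
        // Caveat for production wiring: configuring an explicit key repository
        // (as PersistKeysToDbContext does) turns off the default key
        // encryption at rest, so key XML is stored in the database in the
        // clear unless a ProtectKeysWith* option is added. Acceptable for a
        // throwaway test database; not for a shared configuration database.
        var services1 = new ServiceCollection();
        services1.AddDbContext<ScadaLinkDbContext>(opt => opt.UseSqlite(connectionString));
        services1.AddDataProtection()
            .SetApplicationName("ScadaLink")
            .PersistKeysToDbContext<ScadaLinkDbContext>();

        using var provider1 = services1.BuildServiceProvider();
        var protector1 = provider1.GetRequiredService<IDataProtectionProvider>()
            .CreateProtector("test-purpose");
        var protectedPayload = protector1.Protect("secret-data");

        // Sanity check: the payload must not be handed back as plaintext.
        Assert.NotEqual("secret-data", protectedPayload);

        // Without this check the round-trip below could still pass if key
        // persistence silently fell back to a machine-local default key ring,
        // because both containers run on the same host under the same
        // application name. Assert the key actually landed in the database.
        using (var verifyCtx = new ScadaLinkDbContext(setupOptions))
        {
            Assert.NotEmpty(verifyCtx.DataProtectionKeys);
        }

        // Container 2: unprotect using the same DB (shared keys)
        var services2 = new ServiceCollection();
        services2.AddDbContext<ScadaLinkDbContext>(opt => opt.UseSqlite(connectionString));
        services2.AddDataProtection()
            .SetApplicationName("ScadaLink")
            .PersistKeysToDbContext<ScadaLinkDbContext>();

        using var provider2 = services2.BuildServiceProvider();
        var protector2 = provider2.GetRequiredService<IDataProtectionProvider>()
            .CreateProtector("test-purpose");
        var unprotected = protector2.Unprotect(protectedPayload);

        Assert.Equal("secret-data", unprotected);
    }
}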