Added allowlist and denylist, fixed patchy configuration with proper options models, fixed api middleware authorization issues

src/Server/AIProvider.cs

@@ -1,24 +1,25 @@
 
 using System.Text;
+using System.Text.RegularExpressions;
+using Microsoft.Extensions.Options;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
 using Server.Exceptions;
+using Server.Models;
 
 namespace Server;
 
 public class AIProvider
 {
     private readonly ILogger<AIProvider> _logger;
-    private readonly IConfiguration _configuration;
-    public AIProvidersConfiguration aIProvidersConfiguration;
+    private readonly EmbeddingSearchOptions _configuration;
+    public Dictionary<string, AiProvider> aIProvidersConfiguration;
 
-    public AIProvider(ILogger<AIProvider> logger, IConfiguration configuration)
+    public AIProvider(ILogger<AIProvider> logger, IOptions<EmbeddingSearchOptions> configuration)
     {
         _logger = logger;
-        _configuration = configuration;
-        AIProvidersConfiguration? retrievedAiProvidersConfiguration = _configuration
-            .GetSection("Embeddingsearch")
-            .Get<AIProvidersConfiguration>();
+        _configuration = configuration.Value;
+        Dictionary<string, AiProvider>? retrievedAiProvidersConfiguration = _configuration.AiProviders;
         if (retrievedAiProvidersConfiguration is null)
         {
             _logger.LogCritical("Unable to build AIProvidersConfiguration. Please check your configuration.");
@@ -35,8 +36,8 @@ public class AIProvider
         Uri uri = new(modelUri);
         string provider = uri.Scheme;
         string model = uri.AbsolutePath;
-        AIProviderConfiguration? aIProvider = aIProvidersConfiguration.AiProviders
-            .FirstOrDefault(x => String.Equals(x.Key.ToLower(), provider.ToLower()))
+        AiProvider? aIProvider = aIProvidersConfiguration
+            .FirstOrDefault(x => string.Equals(x.Key.ToLower(), provider.ToLower()))
             .Value;
         if (aIProvider is null)
         {
@@ -119,12 +120,12 @@ public class AIProvider
 
     public string[] GetModels()
     {
-        var aIProviders = aIProvidersConfiguration.AiProviders;
+        var aIProviders = aIProvidersConfiguration;
         List<string> results = [];
-        foreach (KeyValuePair<string, AIProviderConfiguration> aIProviderKV in aIProviders)
+        foreach (KeyValuePair<string, AiProvider> aIProviderKV in aIProviders)
         {
             string aIProviderName = aIProviderKV.Key;
-            AIProviderConfiguration aIProvider = aIProviderKV.Value;
+            AiProvider aIProvider = aIProviderKV.Value;
 
             using var httpClient = new HttpClient();
 
@@ -178,7 +179,12 @@ public class AIProvider
                 foreach (string? result in aIProviderResult)
                 {
                     if (result is null) continue;
-                    results.Add(aIProviderName + ":" + result);
+                    bool isInAllowList = ElementMatchesAnyRegexInList(result, aIProvider.Allowlist);
+                    bool isInDenyList =  ElementMatchesAnyRegexInList(result, aIProvider.Denylist);
+                    if (isInAllowList && !isInDenyList)
+                    {
+                        results.Add(aIProviderName + ":" + result);
+                    }
                 }
             }
             catch (Exception ex)
@@ -189,6 +195,11 @@ public class AIProvider
         }
         return [.. results];
     }
+
+    private static bool ElementMatchesAnyRegexInList(string element, string[] list)
+    {
+        return list?.Any(pattern => pattern != null && Regex.IsMatch(element, pattern)) ?? false;
+    }
 }
 
 public class AIProvidersConfiguration

src/Server/Controllers/AccountController.cs

@@ -12,9 +12,9 @@ public class AccountController : Controller
 {
     private readonly SimpleAuthOptions _options;
 
-    public AccountController(EmbeddingSearchOptions options)
+    public AccountController(IOptions<EmbeddingSearchOptions> options)
     {
-        _options = options.SimpleAuth;
+        _options = options.Value.SimpleAuth;
     }
 
     [HttpGet("Login")]

src/Server/Models/ConfigModels.cs

@@ -1,16 +1,16 @@
 using System.Configuration;
 using ElmahCore;
+using Shared.Models;
 
 namespace Server.Models;
 
-public class EmbeddingSearchOptions
+public class EmbeddingSearchOptions : ApiKeyOptions
 {
     public required ConnectionStringsSection ConnectionStrings { get; set; }
     public ElmahOptions? Elmah { get; set; }
     public required long EmbeddingCacheMaxCount { get; set; }
-    public required AiProvider[] AiProviders { get; set; }
+    public required Dictionary<string, AiProvider> AiProviders { get; set; }
     public required SimpleAuthOptions SimpleAuth { get; set; }
-    public string[]? ApiKeys { get; set; }
     public required bool UseHttpsRedirection { get; set; }
 }
 
@@ -18,7 +18,7 @@ public class AiProvider
 {
     public required string Handler { get; set; }
     public required string BaseURL { get; set; }
-    public required string ApiKey { get; set; }
+    public string? ApiKey { get; set; }
     public required string[] Allowlist { get; set; }
     public required string[] Denylist { get; set; }
 }

src/Server/Program.cs

@@ -12,6 +12,7 @@ using System.Text.Json.Serialization;
 using System.Reflection;
 using System.Configuration;
 using Microsoft.OpenApi.Models;
+using Shared.Models;
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -29,6 +30,7 @@ IConfigurationSection configurationSection = builder.Configuration.GetSection("E
 EmbeddingSearchOptions configuration = configurationSection.Get<EmbeddingSearchOptions>() ?? throw new ConfigurationErrorsException("Unable to start server due to an invalid configration");
 
 builder.Services.Configure<EmbeddingSearchOptions>(configurationSection);
+builder.Services.Configure<ApiKeyOptions>(configurationSection);
 
 // Add Localization
 builder.Services.AddLocalization(options => options.ResourcesPath = "Resources");
@@ -133,8 +135,6 @@ app.MapHealthChecks("/healthz/AIProvider", new Microsoft.AspNetCore.Diagnostics.
 });
 
 bool IsDevelopment = app.Environment.IsDevelopment();
-bool useSwagger = app.Configuration.GetValue<bool>("UseSwagger");
-bool? UseMiddleware = app.Configuration.GetValue<bool?>("UseMiddleware");
 
 app.UseSwagger();
 app.UseSwaggerUI(options =>
@@ -145,7 +145,19 @@ app.UseSwaggerUI(options =>
 
 if (configuration.ApiKeys is not null)
 {
-    app.UseMiddleware<Shared.ApiKeyMiddleware>();
+    app.UseWhen(context =>
+    {
+        RouteData routeData = context.GetRouteData();
+        string controllerName = routeData.Values["controller"]?.ToString() ?? "StaticFile";
+        if (controllerName == "Account" || controllerName == "Home" || controllerName == "StaticFile")
+        {
+            return false;
+        }
+        return true;
+    }, appBuilder =>
+    {
+        appBuilder.UseMiddleware<Shared.ApiKeyMiddleware>();    
+    });
 }
 
 // Add localization