SilverLABS/littleshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge and add BTCPay external nodes configuration

Browse Source
This commit is contained in:
SilverLabs DevTeam
2025-09-19 12:15:52 +01:00
parent 73e8773ea3 d343037bbd
commit 56e6496c3b
15 changed files with 438 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
LittleShop/Services/BTCPayServerService.cs
View File

@@ -33,12 +33,27 @@ public class BTCPayServerService : IBTCPayServerService
_logger.LogInformation("Initializing BTCPay Server connection to {BaseUrl} with Store ID: {StoreId}", _baseUrl, _storeId);
// Create HttpClient with certificate bypass for internal networks
var httpClient = new HttpClient(new HttpClientHandler()
{
ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true
});
// Create HttpClient with proper SSL validation
var httpClientHandler = new HttpClientHandler();
// Only allow insecure SSL in development mode with explicit configuration
var allowInsecureSSL = _configuration.GetValue<bool>("Security:AllowInsecureSSL", false);
if (allowInsecureSSL)
{
var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
if (environment == "Development")
{
_logger.LogWarning("SECURITY WARNING: SSL certificate validation is disabled for development. This should NEVER be used in production!");
httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true;
}
else
{
_logger.LogError("Attempted to disable SSL certificate validation in non-development environment. This is not allowed.");
throw new InvalidOperationException("SSL certificate validation cannot be disabled in production environments");
}
}
var httpClient = new HttpClient(httpClientHandler);
_client = new BTCPayServerClient(new Uri(_baseUrl), apiKey, httpClient);
}