improve LocalNode.Create to be able to accept the list of addresses allowed to access LocalNode

Author: smdn

src/Smdn.Net.MuninNode/Smdn.Net.MuninNode/AddressListAccessRule.cs

@@ -0,0 +1,38 @@
+// SPDX-FileCopyrightText: 2024 smdn <smdn@smdn.jp>
+// SPDX-License-Identifier: MIT
+using System;
+using System.Collections.Generic;
+using System.Net;
+using System.Net.Sockets;
+
+namespace Smdn.Net.MuninNode;
+
+internal sealed class AddressListAccessRule : IAccessRule {
+  private readonly IReadOnlyList<IPAddress> addressListAllowFrom;
+
+  public AddressListAccessRule(IReadOnlyList<IPAddress> addressListAllowFrom)
+  {
+    this.addressListAllowFrom = addressListAllowFrom ?? throw new ArgumentNullException(nameof(addressListAllowFrom));
+  }
+
+  public bool IsAcceptable(IPEndPoint remoteEndPoint)
+  {
+    if (remoteEndPoint is null)
+      throw new ArgumentNullException(nameof(remoteEndPoint));
+
+    var remoteAddress = remoteEndPoint.Address;
+
+    foreach (var addressAllowFrom in addressListAllowFrom) {
+      if (addressAllowFrom.AddressFamily == AddressFamily.InterNetwork) {
+        // test for client acceptability by IPv4 address
+        if (remoteAddress.IsIPv4MappedToIPv6)
+          remoteAddress = remoteAddress.MapToIPv4();
+      }
+
+      if (addressAllowFrom.Equals(remoteAddress))
+        return true;
+    }
+
+    return false;
+  }
+}

src/Smdn.Net.MuninNode/Smdn.Net.MuninNode/IAccessRuleServiceCollectionExtensions.cs

@@ -3,44 +3,13 @@
 using System;
 using System.Collections.Generic;
 using System.Net;
-using System.Net.Sockets;
 
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 
 namespace Smdn.Net.MuninNode;
 
 public static class IAccessRuleServiceCollectionExtensions {
-  internal class AddressListAccessRule : IAccessRule {
-    private readonly IReadOnlyList<IPAddress> addressListAllowFrom;
-
-    public AddressListAccessRule(IReadOnlyList<IPAddress> addressListAllowFrom)
-    {
-      this.addressListAllowFrom = addressListAllowFrom ?? throw new ArgumentNullException(nameof(addressListAllowFrom));
-    }
-
-    public bool IsAcceptable(IPEndPoint remoteEndPoint)
-    {
-      if (remoteEndPoint is null)
-        throw new ArgumentNullException(nameof(remoteEndPoint));
-
-      var remoteAddress = remoteEndPoint.Address;
-
-      foreach (var addressAllowFrom in addressListAllowFrom) {
-        if (addressAllowFrom.AddressFamily == AddressFamily.InterNetwork) {
-          // test for client acceptability by IPv4 address
-          if (remoteAddress.IsIPv4MappedToIPv6)
-            remoteAddress = remoteAddress.MapToIPv4();
-        }
-
-        if (addressAllowFrom.Equals(remoteAddress))
-          return true;
-      }
-
-      return false;
-    }
-  }
-
   /// <param name="services">The <see cref="IServiceCollection"/> to add services to.</param>
   /// <param name="addressListAllowFrom">The <see cref="IReadOnlyList{IPAddress}"/> indicates the read-only list of addresses allowed to access <see cref="NodeBase"/>.</param>
   public static IServiceCollection AddMuninNodeAccessRule(

src/Smdn.Net.MuninNode/Smdn.Net.MuninNode/LocalNode.Create.cs

@@ -34,10 +34,11 @@ public ConcreteLocalNode(
       IPluginProvider pluginProvider,
       string hostName,
       int port,
+      IAccessRule? accessRule,
       IServiceProvider? serviceProvider = null
     )
       : base(
-        accessRule: serviceProvider?.GetService<IAccessRule>(),
+        accessRule: accessRule ?? serviceProvider?.GetService<IAccessRule>(),
         logger: serviceProvider?.GetService<ILoggerFactory>()?.CreateLogger<LocalNode>()
       )
     {
@@ -66,9 +67,13 @@ protected override EndPoint GetLocalEndPointToBind()
   /// The hostname advertised by this node. This value is used as the display name for HTML generated by Munin.
   /// If <see langword="null"/> or empty, the default hostname is used.
   /// </param>
+  /// <param name="addressListAllowFrom">
+  /// The <see cref="IReadOnlyList{IPAddress}"/> indicates the read-only list of addresses allowed to access <see cref="LocalNode"/>.
+  /// </param>
   /// <param name="serviceProvider">
   /// The <see cref="IServiceProvider"/>.
-  /// This constructor overload attempts to get a service of <see cref="ILoggerFactory"/>, to create an <see cref="ILogger"/>.
+  /// This overload attempts to get a service of <see cref="ILoggerFactory"/>, to create an <see cref="ILogger"/>.
+  /// Also attempts to get a service of <see cref="IAccessRule"/> if <paramref name="addressListAllowFrom"/> is <see langword="null"/>.
   /// </param>
   /// <remarks>
   /// Most Munin-Node uses port 4949 by default, but it is recommended to use other port numbers to avoid conflicts with other nodes.
@@ -77,12 +82,14 @@ public static LocalNode Create(
     IReadOnlyCollection<IPlugin> plugins,
     int port,
     string? hostName = null,
+    IReadOnlyList<IPAddress>? addressListAllowFrom = null,
     IServiceProvider? serviceProvider = null
   )
     => Create(
       pluginProvider: new ReadOnlyCollectionPluginProvider(plugins ?? throw new ArgumentNullException(nameof(plugins))),
       hostName: string.IsNullOrEmpty(hostName) ? DefaultHostName : hostName,
       port: port,
+      addressListAllowFrom: addressListAllowFrom,
       serviceProvider: serviceProvider
     );
 
@@ -99,9 +106,13 @@ public static LocalNode Create(
   /// The hostname advertised by this node. This value is used as the display name for HTML generated by Munin.
   /// If <see langword="null"/> or empty, the default hostname is used.
   /// </param>
+  /// <param name="addressListAllowFrom">
+  /// The <see cref="IReadOnlyList{IPAddress}"/> indicates the read-only list of addresses allowed to access <see cref="LocalNode"/>.
+  /// </param>
   /// <param name="serviceProvider">
   /// The <see cref="IServiceProvider"/>.
-  /// This constructor overload attempts to get a service of <see cref="ILoggerFactory"/>, to create an <see cref="ILogger"/>.
+  /// This overload attempts to get a service of <see cref="ILoggerFactory"/>, to create an <see cref="ILogger"/>.
+  /// Also attempts to get a service of <see cref="IAccessRule"/> if <paramref name="addressListAllowFrom"/> is <see langword="null"/>.
   /// </param>
   /// <remarks>
   /// Most Munin-Node uses port 4949 by default, but it is recommended to use other port numbers to avoid conflicts with other nodes.
@@ -110,12 +121,14 @@ public static LocalNode Create(
     IPluginProvider pluginProvider,
     int port,
     string? hostName = null,
+    IReadOnlyList<IPAddress>? addressListAllowFrom = null,
     IServiceProvider? serviceProvider = null
   )
     => new ConcreteLocalNode(
       pluginProvider: pluginProvider ?? throw new ArgumentNullException(nameof(pluginProvider)),
       hostName: string.IsNullOrEmpty(hostName) ? DefaultHostName : hostName,
       port: port,
+      accessRule: addressListAllowFrom is null ? null : new AddressListAccessRule(addressListAllowFrom),
       serviceProvider: serviceProvider
     );
 }