Initial WebhookServer implementation

Add the .NET 8 solution scaffolded against PLAN.md. Three projects share
WebhookServer.Core (models, auth, execution, storage, IPC, callbacks)
and WebhookServer.Service hosts an embedded Kestrel listener plus the
named-pipe admin server. WebhookServer.Gui is a thin MVVM client over
the pipe. Includes 25 unit tests covering HMAC verification, bearer
auth, IP allowlist parsing, arg-template rendering, DPAPI round-trip,
and the encrypt-on-save config store.

Install/uninstall PowerShell scripts default to LocalSystem and accept
a domain user or gMSA via -ServiceAccount.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-07 22:04:52 -04:00
parent 2f61b342af
commit 8ecfe84540
62 changed files with 3721 additions and 0 deletions
@@ -0,0 +1,27 @@
using System.Runtime.InteropServices;
using WebhookServer.Core.Storage;
using Xunit;
namespace WebhookServer.Core.Tests;
public class DpapiSecretTests
{
[Fact]
public void Round_trip_recovers_original_value()
{
if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) return;
var original = "topsecret-é-🚀";
var encrypted = DpapiSecret.Protect(original);
Assert.NotEmpty(encrypted);
var decrypted = DpapiSecret.Unprotect(encrypted);
Assert.Equal(original, decrypted);
}
[Fact]
public void Empty_string_round_trips_as_empty()
{
if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) return;
Assert.Equal("", DpapiSecret.Unprotect(DpapiSecret.Protect("")));
}
}