Added README file;

Change order of repos to order by updated date desc;
Moved project to src folder;

Author: nicruo

README.md

@@ -1,5 +1,3 @@
-#See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.
-
 FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
 USER app
 WORKDIR /app

Services/GitHubService.cs

@@ -1,11 +1,23 @@
-using System.Security.Claims;
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Authentication;
 using GitHubRepoSecrets.Services;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.HttpOverrides;
+using System.Security.Claims;
 
 var builder = WebApplication.CreateBuilder(args);
 
+var githubClientId = builder.Configuration["github:clientId"];
+if (string.IsNullOrEmpty(githubClientId))
+{
+    throw new ArgumentException("GITHUB__CLIENTID is required");
+}
+
+var githubClientSecret = builder.Configuration["github:clientSecret"];
+if (string.IsNullOrEmpty(githubClientSecret))
+{
+    throw new ArgumentException("GITHUB__CLIENTSECRET is required");
+}
+
 builder.Services
     .AddAuthentication(o =>
     {
@@ -18,18 +30,16 @@
     })
     .AddGitHub(options =>
     {
-        options.ClientSecret = builder.Configuration["github:clientSecret"];
-        options.ClientId = builder.Configuration["github:clientId"];
+        options.ClientSecret = githubClientSecret;
+        options.ClientId = githubClientId;
         options.CallbackPath = "/signin-github";
         options.Scope.Add("repo");
         options.Events.OnCreatingTicket += context =>
         {
             if (context.AccessToken is { })
             {
                 context.Identity?.AddClaim(new Claim("access_token", context.AccessToken));
-                
             }
-
             return Task.CompletedTask;
         };
     });

images/cloud_architecture_dark.drawio.png

@@ -0,0 +1,49 @@
+using Octokit;
+
+namespace GitHubRepoSecrets.Services;
+
+public class GitHubService
+{
+    private readonly GitHubClient _client;
+
+    public GitHubService(IHttpContextAccessor httpContextAccessor)
+    {
+        var accessToken = httpContextAccessor.HttpContext.User.FindFirst("access_token")?.Value;
+
+        if (accessToken is not null)
+        {
+            _client = new GitHubClient(new ProductHeaderValue("test"))
+            {
+                Credentials = new Credentials(accessToken)
+            };
+        }
+    }
+
+    public async Task<IReadOnlyList<Repository>> GetRepositoriesAsync()
+    {
+        return await _client.Repository.GetAllForCurrent(new RepositoryRequest { Sort = RepositorySort.Updated, Direction = SortDirection.Descending});
+    }
+
+    public async Task<RepositorySecretsCollection> GetSecretsAsync(string owner, string repo)
+    {
+        return await _client.Repository.Actions.Secrets.GetAll(owner, repo);
+    }
+
+    public async Task<RepositorySecret> GetSecretAsync(string owner, string repo, string secretName)
+    {
+        return await _client.Repository.Actions.Secrets.Get(owner, repo, secretName);
+    }
+
+    public async Task DeleteSecretAsync(string owner, string repo, string secretName)
+    {
+        await _client.Repository.Actions.Secrets.Delete(owner, repo, secretName);
+    }
+
+    public async Task CreateOrUpdateSecretAsync(string owner, string repo, string secretName, string secretValue)
+    {
+        SecretsPublicKey secretsPublicKey = await _client.Repository.Actions.Secrets.GetPublicKey(owner, repo);
+        var secretsPublicKeyBytes = Convert.FromBase64String(secretsPublicKey.Key);
+        var encryptedValue = Convert.ToBase64String(Sodium.SealedPublicKeyBox.Create(secretValue, secretsPublicKeyBytes));
+        await _client.Repository.Actions.Secrets.CreateOrUpdate(owner, repo, secretName, new UpsertRepositorySecret { KeyId = secretsPublicKey.KeyId, EncryptedValue = encryptedValue });
+    }
+}