sec: save readonly byte array instead string

Security/DependencyInjection.cs

@@ -6,11 +6,29 @@ using Mirea.Api.Security.Common.Interfaces;
 using Mirea.Api.Security.Services;
 using System;
 using System.Collections.Generic;
+using System.Text;
 
 namespace Mirea.Api.Security;
 
 public static class DependencyInjection
 {
+    private static ReadOnlyMemory<byte> NormalizeKey(string key, int requiredLength)
+    {
+        var keyBytes = Encoding.UTF8.GetBytes(key);
+
+        if (keyBytes.Length < requiredLength)
+        {
+            var normalizedKey = new byte[requiredLength];
+            Array.Copy(keyBytes, normalizedKey, keyBytes.Length);
+            return new ReadOnlyMemory<byte>(normalizedKey);
+        }
+
+        if (keyBytes.Length > requiredLength)
+            Array.Resize(ref keyBytes, requiredLength);
+
+        return new ReadOnlyMemory<byte>(keyBytes);
+    }
+
     public static IServiceCollection AddSecurityServices(this IServiceCollection services, IConfiguration configuration)
     {
         var saltSize = int.Parse(configuration["SECURITY_SALT_SIZE"]!);
@@ -61,8 +79,13 @@ public static class DependencyInjection
             providers.Add(provider, (clientId, secret));
         }
 
-        services.AddSingleton(provider => new OAuthService(provider.GetRequiredService<ILogger<OAuthService>>(), providers,
-            configuration["SECURITY_ENCRYPTION_TOKEN"]!));
+        services.AddSingleton(provider => new OAuthService(
+            provider.GetRequiredService<ILogger<OAuthService>>(),
+            providers,
+            provider.GetRequiredService<ICacheService>())
+        {
+            SecretKey = NormalizeKey(configuration["SECURITY_ENCRYPTION_TOKEN"]!, 32)
+        });
 
         return services;
     }