Encrypt webhook URLs with DPAPI via Windows Credential Manager

erikdarlingdata · claude · erikdarlingdata · commit c11608d931bc · 2026-04-15T17:22:47.000-04:00
Moves Teams and Slack webhook URLs from plaintext settings.json/preferences.json to Windows Credential Manager (DPAPI-encrypted), matching the existing pattern used for SMTP passwords and SQL Server credentials. Includes automatic migration: on first settings load, any plaintext URLs are moved to Credential Manager and removed from the JSON file. Closes #848 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
diff --git a/Dashboard/Services/WebhookAlertService.cs b/Dashboard/Services/WebhookAlertService.cs
@@ -24,7 +24,10 @@ namespace PerformanceMonitorDashboard.Services
     public class WebhookAlertService
     {
         private const string EditionName = "Performance Monitor Dashboard";
+        private const string TeamsWebhookCredentialKey = "TeamsWebhook";
+        private const string SlackWebhookCredentialKey = "SlackWebhook";
         private static readonly JsonSerializerOptions s_jsonOptions = new() { PropertyNamingPolicy = null };
+        private static readonly CredentialService s_credentialService = new();
 
         private readonly UserPreferencesService _preferencesService;
         private readonly ConcurrentDictionary<string, DateTime> _cooldowns = new();
@@ -42,6 +45,50 @@ public WebhookAlertService(UserPreferencesService preferencesService)
             Current = this;
         }
 
+        /// <summary>
+        /// Gets a webhook URL from Windows Credential Manager.
+        /// </summary>
+        public static string GetWebhookUrl(string credentialKey)
+        {
+            try
+            {
+                var cred = s_credentialService.GetCredential(credentialKey);
+                return cred?.Password ?? "";
+            }
+            catch (Exception ex)
+            {
+                Logger.Error($"Failed to retrieve webhook URL for {credentialKey}: {ex.Message}");
+                return "";
+            }
+        }
+
+        /// <summary>
+        /// Saves a webhook URL to Windows Credential Manager.
+        /// </summary>
+        public static void SaveWebhookUrl(string credentialKey, string url)
+        {
+            try
+            {
+                if (string.IsNullOrWhiteSpace(url))
+                {
+                    s_credentialService.DeleteCredential(credentialKey);
+                }
+                else
+                {
+                    s_credentialService.SaveCredential(credentialKey, "webhook", url);
+                }
+            }
+            catch (Exception ex)
+            {
+                Logger.Error($"Failed to save webhook URL for {credentialKey}: {ex.Message}");
+            }
+        }
+
+        public static string GetTeamsWebhookUrl() => GetWebhookUrl(TeamsWebhookCredentialKey);
+        public static string GetSlackWebhookUrl() => GetWebhookUrl(SlackWebhookCredentialKey);
+        public static void SaveTeamsWebhookUrl(string url) => SaveWebhookUrl(TeamsWebhookCredentialKey, url);
+        public static void SaveSlackWebhookUrl(string url) => SaveWebhookUrl(SlackWebhookCredentialKey, url);
+
         /// <summary>
         /// Sends webhook alerts to all configured channels (Teams and/or Slack).
         /// Respects the email cooldown setting for throttling. Never throws.
@@ -67,12 +114,14 @@ public async Task<bool> TrySendWebhookAlertsAsync(
 
                 bool sent = false;
 
-                if (prefs.TeamsWebhookEnabled && !string.IsNullOrWhiteSpace(prefs.TeamsWebhookUrl))
+                var teamsUrl = GetTeamsWebhookUrl();
+                if (prefs.TeamsWebhookEnabled && !string.IsNullOrWhiteSpace(teamsUrl))
                 {
                     sent |= await TrySendTeamsAlertAsync(prefs, metricName, serverName, currentValue, thresholdValue, context);
                 }
 
-                if (prefs.SlackWebhookEnabled && !string.IsNullOrWhiteSpace(prefs.SlackWebhookUrl))
+                var slackUrl = GetSlackWebhookUrl();
+                if (prefs.SlackWebhookEnabled && !string.IsNullOrWhiteSpace(slackUrl))
                 {
                     sent |= await TrySendSlackAlertAsync(prefs, metricName, serverName, currentValue, thresholdValue, context);
                 }
@@ -148,7 +197,7 @@ private async Task<bool> TrySendTeamsAlertAsync(
             try
             {
                 var payload = BuildTeamsPayload(metricName, serverName, currentValue, thresholdValue, context: context);
-                var error = await PostWebhookAsync(prefs.TeamsWebhookUrl, payload, prefs.TeamsProxyAddress);
+                var error = await PostWebhookAsync(GetTeamsWebhookUrl(), payload, prefs.TeamsProxyAddress);
 
                 if (error != null)
                 {
@@ -268,7 +317,7 @@ private async Task<bool> TrySendSlackAlertAsync(
             try
             {
                 var payload = BuildSlackPayload(metricName, serverName, currentValue, thresholdValue, context: context);
-                var error = await PostWebhookAsync(prefs.SlackWebhookUrl, payload, prefs.SlackProxyAddress);
+                var error = await PostWebhookAsync(GetSlackWebhookUrl(), payload, prefs.SlackProxyAddress);
 
                 if (error != null)
                 {
diff --git a/Dashboard/SettingsWindow.xaml.cs b/Dashboard/SettingsWindow.xaml.cs
@@ -210,11 +210,27 @@ private void LoadSettings()
 
             // Webhook settings (Teams / Slack)
             TeamsWebhookEnabledCheckBox.IsChecked = prefs.TeamsWebhookEnabled;
-            TeamsWebhookUrlTextBox.Text = prefs.TeamsWebhookUrl;
             TeamsProxyAddressTextBox.Text = prefs.TeamsProxyAddress;
             SlackWebhookEnabledCheckBox.IsChecked = prefs.SlackWebhookEnabled;
-            SlackWebhookUrlTextBox.Text = prefs.SlackWebhookUrl;
             SlackProxyAddressTextBox.Text = prefs.SlackProxyAddress;
+
+            /* Migrate legacy plaintext webhook URLs to Credential Manager */
+            if (!string.IsNullOrWhiteSpace(prefs.TeamsWebhookUrl))
+            {
+                WebhookAlertService.SaveTeamsWebhookUrl(prefs.TeamsWebhookUrl);
+                prefs.TeamsWebhookUrl = "";
+                _preferencesService.SavePreferences(prefs);
+            }
+            if (!string.IsNullOrWhiteSpace(prefs.SlackWebhookUrl))
+            {
+                WebhookAlertService.SaveSlackWebhookUrl(prefs.SlackWebhookUrl);
+                prefs.SlackWebhookUrl = "";
+                _preferencesService.SavePreferences(prefs);
+            }
+
+            /* Load webhook URLs from Credential Manager */
+            TeamsWebhookUrlTextBox.Text = WebhookAlertService.GetTeamsWebhookUrl();
+            SlackWebhookUrlTextBox.Text = WebhookAlertService.GetSlackWebhookUrl();
             UpdateTeamsControlStates();
             UpdateSlackControlStates();
 
@@ -705,12 +721,16 @@ private async void OkButton_Click(object sender, RoutedEventArgs e)
 
             // Save webhook settings (Teams / Slack)
             prefs.TeamsWebhookEnabled = TeamsWebhookEnabledCheckBox.IsChecked == true;
-            prefs.TeamsWebhookUrl = TeamsWebhookUrlTextBox.Text?.Trim() ?? "";
+            prefs.TeamsWebhookUrl = "";  /* URLs stored in Credential Manager, not preferences */
             prefs.TeamsProxyAddress = TeamsProxyAddressTextBox.Text?.Trim() ?? "";
             prefs.SlackWebhookEnabled = SlackWebhookEnabledCheckBox.IsChecked == true;
-            prefs.SlackWebhookUrl = SlackWebhookUrlTextBox.Text?.Trim() ?? "";
+            prefs.SlackWebhookUrl = "";  /* URLs stored in Credential Manager, not preferences */
             prefs.SlackProxyAddress = SlackProxyAddressTextBox.Text?.Trim() ?? "";
 
+            /* Save webhook URLs to Credential Manager */
+            WebhookAlertService.SaveTeamsWebhookUrl(TeamsWebhookUrlTextBox.Text?.Trim() ?? "");
+            WebhookAlertService.SaveSlackWebhookUrl(SlackWebhookUrlTextBox.Text?.Trim() ?? "");
+
             // Save MCP server settings
             bool mcpWasEnabled = prefs.McpEnabled;
             prefs.McpEnabled = McpEnabledCheckBox.IsChecked == true;
diff --git a/Lite/App.xaml.cs b/Lite/App.xaml.cs
@@ -128,6 +128,50 @@ private static string GetDefaultCsvSeparator()
     public static string SlackWebhookUrl { get; set; } = "";
     public static string SlackProxyAddress { get; set; } = "";
 
+    private const string TeamsWebhookCredentialKey = "TeamsWebhook";
+    private const string SlackWebhookCredentialKey = "SlackWebhook";
+
+    /// <summary>
+    /// Gets a webhook URL from Windows Credential Manager.
+    /// </summary>
+    public static string GetWebhookUrl(string credentialKey)
+    {
+        try
+        {
+            var credService = new Services.CredentialService();
+            var cred = credService.GetCredential(credentialKey);
+            return cred?.Password ?? "";
+        }
+        catch (Exception ex)
+        {
+            AppLogger.Error("App", $"Failed to retrieve webhook URL for {credentialKey}: {ex.Message}");
+            return "";
+        }
+    }
+
+    /// <summary>
+    /// Saves a webhook URL to Windows Credential Manager.
+    /// </summary>
+    public static void SaveWebhookUrl(string credentialKey, string url)
+    {
+        try
+        {
+            var credService = new Services.CredentialService();
+            if (string.IsNullOrWhiteSpace(url))
+            {
+                credService.DeleteCredential(credentialKey);
+            }
+            else
+            {
+                credService.SaveCredential(credentialKey, "webhook", url);
+            }
+        }
+        catch (Exception ex)
+        {
+            AppLogger.Error("App", $"Failed to save webhook URL for {credentialKey}: {ex.Message}");
+        }
+    }
+
     /* SMTP email alert settings */
     public static bool SmtpEnabled { get; set; } = false;
     public static string SmtpServer { get; set; } = "";
@@ -356,14 +400,34 @@ public static void LoadAlertSettings()
 
             /* Teams webhook settings */
             if (root.TryGetProperty("teams_webhook_enabled", out v)) TeamsWebhookEnabled = v.GetBoolean();
-            if (root.TryGetProperty("teams_webhook_url", out v)) TeamsWebhookUrl = v.GetString() ?? "";
             if (root.TryGetProperty("teams_proxy_address", out v)) TeamsProxyAddress = v.GetString() ?? "";
 
             /* Slack webhook settings */
             if (root.TryGetProperty("slack_webhook_enabled", out v)) SlackWebhookEnabled = v.GetBoolean();
-            if (root.TryGetProperty("slack_webhook_url", out v)) SlackWebhookUrl = v.GetString() ?? "";
             if (root.TryGetProperty("slack_proxy_address", out v)) SlackProxyAddress = v.GetString() ?? "";
 
+            /* Migrate webhook URLs from plaintext settings.json to Credential Manager */
+            if (root.TryGetProperty("teams_webhook_url", out v))
+            {
+                var legacyUrl = v.GetString() ?? "";
+                if (!string.IsNullOrWhiteSpace(legacyUrl))
+                {
+                    SaveWebhookUrl(TeamsWebhookCredentialKey, legacyUrl);
+                }
+            }
+            if (root.TryGetProperty("slack_webhook_url", out v))
+            {
+                var legacyUrl = v.GetString() ?? "";
+                if (!string.IsNullOrWhiteSpace(legacyUrl))
+                {
+                    SaveWebhookUrl(SlackWebhookCredentialKey, legacyUrl);
+                }
+            }
+
+            /* Load webhook URLs from Credential Manager */
+            TeamsWebhookUrl = GetWebhookUrl(TeamsWebhookCredentialKey);
+            SlackWebhookUrl = GetWebhookUrl(SlackWebhookCredentialKey);
+
             /* SMTP settings */
             if (root.TryGetProperty("smtp_enabled", out v)) SmtpEnabled = v.GetBoolean();
             if (root.TryGetProperty("smtp_server", out v)) SmtpServer = v.GetString() ?? "";
diff --git a/Lite/Windows/SettingsWindow.xaml.cs b/Lite/Windows/SettingsWindow.xaml.cs
@@ -983,6 +983,10 @@ private void SaveWebhookSettings()
         App.SlackWebhookUrl = SlackWebhookUrlBox.Text?.Trim() ?? "";
         App.SlackProxyAddress = SlackProxyAddressBox.Text?.Trim() ?? "";
 
+        /* Save webhook URLs to Credential Manager instead of settings.json */
+        App.SaveWebhookUrl("TeamsWebhook", App.TeamsWebhookUrl);
+        App.SaveWebhookUrl("SlackWebhook", App.SlackWebhookUrl);
+
         var settingsPath = Path.Combine(App.ConfigDirectory, "settings.json");
         try
         {
@@ -998,12 +1002,17 @@ private void SaveWebhookSettings()
             }
 
             root["teams_webhook_enabled"] = App.TeamsWebhookEnabled;
-            root["teams_webhook_url"] = App.TeamsWebhookUrl;
             root["teams_proxy_address"] = App.TeamsProxyAddress;
             root["slack_webhook_enabled"] = App.SlackWebhookEnabled;
-            root["slack_webhook_url"] = App.SlackWebhookUrl;
             root["slack_proxy_address"] = App.SlackProxyAddress;
 
+            /* Remove legacy plaintext webhook URLs from settings.json */
+            if (root is JsonObject obj)
+            {
+                obj.Remove("teams_webhook_url");
+                obj.Remove("slack_webhook_url");
+            }
+
             var options = new JsonSerializerOptions { WriteIndented = true };
             File.WriteAllText(settingsPath, root.ToJsonString(options));
         }
