Implement hashicorp vault

Add FindOnePipelineAsync method

Core.BluePrint.Packages.sln

@@ -7,7 +7,7 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Core.Blueprint.KeyVault", "
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Core.Blueprint.Mongo", "Core.Blueprint.Mongo\Core.Blueprint.Mongo.csproj", "{27A8E3E1-D613-4D5B-8105-485699409F1E}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Core.Blueprint.Redis", "Core.Blueprint.Redis\Core.Blueprint.Redis.csproj", "{11F2AA11-FB98-4A33-AEE4-CD49588D2FE1}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Core.Blueprint.Caching", "Core.Blueprint.Redis\Core.Blueprint.Caching.csproj", "{11F2AA11-FB98-4A33-AEE4-CD49588D2FE1}"
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Core.Blueprint.Storage", "Core.Blueprint.Storage\Core.Blueprint.Storage.csproj", "{636E4520-79F9-46C8-990D-08F2D24A151C}"
 EndProject

Core.Blueprint.KeyVault/Configuration/RegisterBlueprint.cs

@@ -16,17 +16,34 @@ namespace Core.Blueprint.KeyVault.Configuration
     {
         public static IServiceCollection AddKeyVault(this IServiceCollection services, IConfiguration configuration)
         {
-            var keyVaultUriString = configuration["ConnectionStrings:KeyVaultDAL"];
 
-            if (string.IsNullOrEmpty(keyVaultUriString))
+            var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") ?? string.Empty;
+
+            if(environment ==  "Local")
             {
-                throw new ArgumentNullException("ConnectionStrings:KeyVault", "KeyVault URI is missing in the configuration.");
+                var vaultSettings = configuration.GetSection("Vault").Get<VaultOptions>();
+
+                if (string.IsNullOrEmpty(vaultSettings?.Address) || string.IsNullOrEmpty(vaultSettings.Token)
+                    || string.IsNullOrEmpty(vaultSettings.SecretMount))
+                {
+                    throw new ArgumentNullException("Vault options are not configured correctly.");
+                }
+
+                services.AddSingleton(vaultSettings);
             }
+            else
+            {
+                var keyVaultUriString = configuration["ConnectionStrings:KeyVaultDAL"];
 
-            var keyVaultUri = new Uri(keyVaultUriString);
+                if (string.IsNullOrEmpty(keyVaultUriString))
+                {
+                    throw new ArgumentNullException("ConnectionStrings:KeyVault", "KeyVault URI is missing in the configuration.");
+                }
 
-            // Register SecretClient as a singleton
+                var keyVaultUri = new Uri(keyVaultUriString);
-            services.AddSingleton(_ => new SecretClient(keyVaultUri, new DefaultAzureCredential()));
+
+                services.AddSingleton(_ => new SecretClient(keyVaultUri, new DefaultAzureCredential()));
+            }
 
             services.AddSingleton<IKeyVaultProvider, KeyVaultProvider>();
             return services;

Core.Blueprint.KeyVault/Configuration/VaultOptions.cs

@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Core.Blueprint.KeyVault.Configuration
+{
+    public class VaultOptions
+    {
+        public string Address { get; set; } = string.Empty;
+        public string Token { get; set; } = string.Empty;
+        public string SecretMount { get; set; } = string.Empty;
+    }
+}

Core.Blueprint.KeyVault/Core.Blueprint.KeyVault.csproj

@@ -10,7 +10,9 @@
     <PackageReference Include="Azure.Identity" Version="1.13.1" />
     <PackageReference Include="Azure.Security.KeyVault.Secrets" Version="4.7.0" />
     <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="9.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="9.0.0" />
     <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.0" />
+    <PackageReference Include="VaultSharp" Version="1.17.5.1" />
   </ItemGroup>
 
 </Project>

Core.Blueprint.KeyVault/Provider/KeyVaultProvider.cs

@@ -1,93 +1,188 @@
-using Azure;
+using Azure.Security.KeyVault.Secrets;
-using Azure.Security.KeyVault.Secrets;
+using VaultSharp;
+using VaultSharp.V1.AuthMethods.Token;
+using Core.Blueprint.KeyVault.Configuration;
+using Microsoft.Extensions.Configuration;
+using System.Net.Http.Json;
+using VaultSharp.Core;
 
-namespace Core.Blueprint.KeyVault
+namespace Core.Blueprint.KeyVault;
+
+/// <summary>
+/// Provides operations for managing secrets in Azure Key Vault or HashiCorp Vault transparently based on the environment.
+/// </summary>
+public sealed class KeyVaultProvider : IKeyVaultProvider
 {
-    /// <summary>
+    private readonly string environment;
-    /// Provides operations for managing secrets in Azure Key Vault.
+    private readonly SecretClient? azureClient;
-    /// </summary>
+    private readonly IVaultClient? hashiClient;
-    public sealed class KeyVaultProvider(SecretClient keyVaultProvider): IKeyVaultProvider
+    private readonly VaultOptions? hashiOptions;
+
+    public KeyVaultProvider(IConfiguration configuration)
     {
-        /// <summary>
+        environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") ?? "Production";
-        /// Creates a new secret in Azure Key Vault.
+
-        /// </summary>
+        if (environment == "Local")
-        /// <param name="keyVaultRequest">The request containing the name and value of the secret.</param>
-        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
-        /// <returns>A <see cref="KeyVaultResponse"/> containing the details of the created secret.</returns>
-        public async ValueTask<KeyVaultResponse> CreateSecretAsync(KeyVaultRequest keyVaultRequest, CancellationToken cancellationToken)
         {
-            KeyVaultResponse _response = new();
+            hashiOptions = configuration.GetSection("Vault").Get<VaultOptions>();
-            KeyVaultSecret azureResponse = await keyVaultProvider.SetSecretAsync(new KeyVaultSecret(keyVaultRequest.Name, keyVaultRequest.Value), cancellationToken);
+            hashiClient = new VaultClient(new VaultClientSettings(
-
+                hashiOptions?.Address,
-            _response.Value = azureResponse.Value;
+                new TokenAuthMethodInfo(hashiOptions?.Token)
-            _response.Name = azureResponse.Name;
+            ));
-
-            return _response;
         }
-
+        else
-        /// <summary>
-        /// Deletes a secret from Azure Key Vault if it exists.
-        /// </summary>
-        /// <param name="secretName">The name of the secret to delete.</param>
-        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
-        /// <returns>
-        /// A <see cref="Tuple"/> containing a status message and a boolean indicating whether the secret was successfully deleted.
-        /// </returns>
-        public async ValueTask<Tuple<string, bool>> DeleteSecretAsync(string secretName, CancellationToken cancellationToken)
         {
-            var existingSecret = await this.GetSecretAsync(secretName, cancellationToken);
+            var keyVaultUri = new Uri(configuration["ConnectionStrings:KeyVaultDAL"]!);
-            if (existingSecret != null)
+            azureClient = new SecretClient(keyVaultUri, new Azure.Identity.DefaultAzureCredential());
-            {
-                await keyVaultProvider.StartDeleteSecretAsync(secretName, cancellationToken);
-                return new("Key Deleted", true);
-            }
-
-            return new("Key Not Found", false);
-        }
-
-        /// <summary>
-        /// Retrieves a secret from Azure Key Vault.
-        /// </summary>
-        /// <param name="secretName">The name of the secret to retrieve.</param>
-        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
-        /// <returns>
-        /// A <see cref="Tuple"/> containing the <see cref="KeyVaultResponse"/> with secret details 
-        /// and an optional error message if the secret was not found.
-        /// </returns>
-        public async ValueTask<Tuple<KeyVaultResponse, string?>> GetSecretAsync(string secretName, CancellationToken cancellationToken)
-        {
-            KeyVaultSecret azureResponse = await keyVaultProvider.GetSecretAsync(secretName, cancellationToken: cancellationToken);
-
-            if (azureResponse == null)
-            {
-                return new(new KeyVaultResponse(), "Key Not Found");
-            }
-
-            return new(new KeyVaultResponse { Name = secretName, Value = azureResponse.Value }, string.Empty);
-        }
-
-        /// <summary>
-        /// Updates an existing secret in Azure Key Vault. If the secret does not exist, an error is returned.
-        /// </summary>
-        /// <param name="newSecret">The updated secret information.</param>
-        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
-        /// <returns>
-        /// A <see cref="Tuple"/> containing the updated <see cref="KeyVaultResponse"/> and an optional error message if the secret was not found.
-        /// </returns>
-        public async ValueTask<Tuple<KeyVaultResponse, string>> UpdateSecretAsync(KeyVaultRequest newSecret, CancellationToken cancellationToken)
-        {
-            KeyVaultResponse _response = new();
-            var existingSecret = await this.GetSecretAsync(newSecret.Name, cancellationToken);
-            if (existingSecret == null)
-            {
-                return new(new KeyVaultResponse(), "Key Not Found");
-            }
-            KeyVaultSecret azureResponse = await keyVaultProvider.SetSecretAsync(new KeyVaultSecret(newSecret.Name, newSecret.Value), cancellationToken);
-
-            _response.Value = azureResponse.Value;
-            _response.Name = azureResponse.Name;
-
-            return new(new KeyVaultResponse { Name = newSecret.Name, Value = azureResponse.Value }, string.Empty);
         }
     }
+
+    /// <summary>
+    /// Creates a new secret in Azure Key Vault or HashiCorp Vault.
+    /// </summary>
+    public async ValueTask<KeyVaultResponse> CreateSecretAsync(KeyVaultRequest keyVaultRequest, CancellationToken cancellationToken)
+    {
+        if (environment == "Local")
+        {
+            await hashiClient!.V1.Secrets.KeyValue.V2.WriteSecretAsync(
+                path: keyVaultRequest.Name,
+                data: new Dictionary<string, object> { { "value", keyVaultRequest.Value } },
+                mountPoint: hashiOptions!.SecretMount
+            );
+            return new KeyVaultResponse { Name = keyVaultRequest.Name, Value = keyVaultRequest.Value };
+        }
+
+        KeyVaultSecret azureResponse = await azureClient!.SetSecretAsync(
+            new KeyVaultSecret(keyVaultRequest.Name, keyVaultRequest.Value), cancellationToken
+        );
+
+        return new KeyVaultResponse { Name = azureResponse.Name, Value = azureResponse.Value };
+    }
+
+    /// <summary>
+    /// Permanently deletes a secret from Azure Key Vault or HashiCorp Vault (hard delete for Vault).
+    /// </summary>
+    /// <param name="secretName">The name of the secret to delete.</param>
+    /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
+    /// <returns>
+    /// A <see cref="Tuple"/> containing a status message and a boolean indicating whether the secret was successfully deleted.
+    /// </returns>
+    public async ValueTask<Tuple<string, bool>> DeleteSecretAsync(string secretName, CancellationToken cancellationToken)
+    {
+        if (environment == "Local")
+        {
+            await DestroyAllSecretVersionsAsync(secretName, cancellationToken);
+        }
+
+        var existingSecret = await this.GetSecretAsync(secretName, cancellationToken);
+        if (existingSecret.Item2 == string.Empty)
+        {
+            await azureClient!.StartDeleteSecretAsync(secretName, cancellationToken);
+            return new("Key Deleted", true);
+        }
+
+        return new("Key Not Found", false);
+    }
+
+
+    /// <summary>
+    /// Retrieves a secret from Azure Key Vault or HashiCorp Vault.
+    /// </summary>
+    public async ValueTask<Tuple<KeyVaultResponse, string?>> GetSecretAsync(string secretName, CancellationToken cancellationToken)
+    {
+        if (environment == "Local")
+        {
+            try
+            {
+                var secret = await hashiClient!.V1.Secrets.KeyValue.V2.ReadSecretAsync(
+                    path: secretName,
+                    mountPoint: hashiOptions!.SecretMount
+                );
+
+                if (secret.Data.Data.TryGetValue("value", out var value))
+                {
+                    return new(new KeyVaultResponse { Name = secretName, Value = value?.ToString() ?? "" }, string.Empty);
+                }
+
+                return new(new KeyVaultResponse(), "Key Not Found");
+            }
+            catch (VaultSharp.Core.VaultApiException ex) when (ex.HttpStatusCode == System.Net.HttpStatusCode.NotFound)
+            {
+                return new(new KeyVaultResponse(), "Key Not Found");
+            }
+        }
+
+        try
+        {
+            KeyVaultSecret azureResponse = await azureClient!.GetSecretAsync(secretName, cancellationToken: cancellationToken);
+            return new(new KeyVaultResponse { Name = secretName, Value = azureResponse.Value }, string.Empty);
+        }
+        catch (Azure.RequestFailedException ex) when (ex.Status == 404)
+        {
+            return new(new KeyVaultResponse(), "Key Not Found");
+        }
+    }
+
+    /// <summary>
+    /// Updates an existing secret in Azure Key Vault or HashiCorp Vault. If the secret does not exist, an error is returned.
+    /// </summary>
+    public async ValueTask<Tuple<KeyVaultResponse, string>> UpdateSecretAsync(KeyVaultRequest newSecret, CancellationToken cancellationToken)
+    {
+        var existingSecret = await this.GetSecretAsync(newSecret.Name, cancellationToken);
+        if (!string.IsNullOrEmpty(existingSecret.Item2))
+        {
+            return new(new KeyVaultResponse(), "Key Not Found");
+        }
+
+        var updated = await CreateSecretAsync(newSecret, cancellationToken);
+        return new(updated, string.Empty);
+    }
+
+    /// <summary>
+    /// Permanently deletes all versions of a given secret in HashiCorp Vault.
+    /// Returns a tuple indicating the result status and a message.
+    /// </summary>
+    /// <param name="secretName">The secret name/path.</param>
+    /// <param name="cancellationToken">A cancellation token.</param>
+    /// <returns>
+    /// A tuple:
+    /// - <c>bool?</c>: <c>true</c> if deleted, <c>false</c> if no versions, <c>null</c> if not found.
+    /// - <c>string</c>: message explaining the result.
+    /// </returns>
+    private async Task<(bool? WasDeleted, string Message)> DestroyAllSecretVersionsAsync(string secretName, CancellationToken cancellationToken)
+    {
+        Dictionary<string, object> versions;
+
+        try
+        {
+            var metadata = await hashiClient!.V1.Secrets.KeyValue.V2.ReadSecretMetadataAsync(
+                path: secretName,
+                mountPoint: hashiOptions!.SecretMount
+            );
+
+            versions = metadata.Data.Versions.Keys.ToDictionary(k => k, _ => (object)0);
+            if (versions.Count == 0)
+                return (false, "Key exists but contains no versions.");
+        }
+        catch (VaultApiException ex) when (ex.HttpStatusCode == System.Net.HttpStatusCode.NotFound)
+        {
+            return (null, "Key Not Found.");
+        }
+
+        using var httpClient = new HttpClient { BaseAddress = new Uri(hashiOptions.Address) };
+        var request = new HttpRequestMessage(HttpMethod.Post, $"/v1/{hashiOptions.SecretMount}/destroy/{secretName}")
+        {
+            Content = JsonContent.Create(new { versions = versions.Keys.ToArray() })
+        };
+        request.Headers.Add("X-Vault-Token", hashiOptions.Token);
+        var response = await httpClient.SendAsync(request, cancellationToken);
+        response.EnsureSuccessStatusCode();
+
+        await hashiClient.V1.Secrets.KeyValue.V2.DeleteMetadataAsync(
+            path: secretName,
+            mountPoint: hashiOptions.SecretMount
+        );
+
+        return (true, "Key Permanently Deleted.");
+    }
 }

Core.Blueprint.Logging/Adapters/ErrorDetails.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="ErrorDetailsDto.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/HttpError.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="HttpErrorDto.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/HttpException.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="HttpException.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/LogDetail.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="LogDetail.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/LogOperation.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="LogOperation.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/LogSeverity.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="LogSeverity.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/LogTarget.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="LogTarget.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Adapters/ServiceSettings.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="ServiceSettings.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Constants/Claims.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="Claims.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 namespace Core.Blueprint.Logging

Core.Blueprint.Logging/Constants/DisplayNames.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="DisplayNames.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Constants/EnvironmentVariables.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="EnvironmentVariables.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Constants/ErrorCodes.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="ErrorCodes.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Constants/MimeTypes.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="MimeTypes.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Constants/Responses.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="Responses.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Middleware/HttpErrorMiddleware.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="HttpErrorMiddleware.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Middleware/HttpLogger.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="HttpLogger.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Logging/Middleware/HttpLoggingMiddleware.cs

@@ -1,6 +1,6 @@
 // ***********************************************************************
 // <copyright file="HttpLoggingMiddleware.cs">
-//     Heath
+//     AgileWebs
 // </copyright>
 // ***********************************************************************
 

Core.Blueprint.Mongo/Configuration/IdentityProvider/AzureIdentityProvider.cs

@@ -5,10 +5,10 @@ using MongoDB.Driver.Authentication.Oidc;
 namespace Core.Blueprint.Mongo.Configuration
 {
     /// <summary>
-    /// The <see cref="HeathIdentityProvider"/> class is responsible for acquiring an OpenID Connect (OIDC) 
+    /// The <see cref="AzureIdentityProvider"/> class is responsible for acquiring an OpenID Connect (OIDC) 
     /// access token for MongoDB authentication using Azure Identity and Managed Identity credentials.
     /// </summary>
-    public class HeathIdentityProvider : IOidcCallback
+    public class AzureIdentityProvider : IOidcCallback
     {
         /// <summary>
         /// The audience (resource identifier) for which the OIDC token is being requested.
@@ -21,10 +21,10 @@ namespace Core.Blueprint.Mongo.Configuration
         private readonly string _environment;
 
         /// <summary>
-        /// Initializes a new instance of the <see cref="HeathIdentityProvider"/> class with the specified audience.
+        /// Initializes a new instance of the <see cref="AzureIdentityProvider"/> class with the specified audience.
         /// </summary>
         /// <param name="audience">The audience (resource identifier) for which the OIDC token is being requested.</param>
-        public HeathIdentityProvider(string audience)
+        public AzureIdentityProvider(string audience)
         {
             _audience = audience;
             _environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") ?? string.Empty;

Core.Blueprint.Mongo/Configuration/RegisterBlueprint.cs

@@ -46,7 +46,7 @@ namespace Core.Blueprint.DAL.Mongo.Configuration
             {
                 var settings = serviceProvider.GetRequiredService<IOptions<MongoDbSettings>>().Value;
                 var mongoClientSettings = MongoClientSettings.FromConnectionString(settings.ConnectionString);
-                mongoClientSettings.Credential = MongoCredential.CreateOidcCredential(new HeathIdentityProvider(settings.Audience));
+                mongoClientSettings.Credential = MongoCredential.CreateOidcCredential(new AzureIdentityProvider(settings.Audience));
                 return new MongoClient(mongoClientSettings);
             });
 

Core.Blueprint.Mongo/Contracts/ICollectionRepository.cs

@@ -148,5 +148,13 @@ namespace Core.Blueprint.Mongo
         /// <param name="filterExpression">An expression used to filter the documents to delete.</param>
         /// <returns>A <see cref="Task"/> representing the asynchronous operation.</returns>
         Task DeleteManyAsync(Expression<Func<TDocument, bool>> filterExpression);
+
+        /// <summary>
+        /// Executes an aggregation pipeline and returns the first document in the result asynchronously.
+        /// </summary>
+        /// <typeparam name="TOutput">The type of the output document you expect from the pipeline.</typeparam>
+        /// <param name="pipeline">The aggregation pipeline definition to execute.</param>
+        /// <returns>The first document from the aggregation result, or null if none found.</returns>
+        Task<TOutput> FindOnePipelineAsync<TOutput>(PipelineDefinition<TDocument, TOutput> pipeline);
     }
 }

Core.Blueprint.Mongo/Repositories/CollectionRepository.cs

@@ -248,5 +248,16 @@ namespace Core.Blueprint.Mongo
         {
             return Task.Run(() => _collection.DeleteManyAsync(filterExpression));
         }
+
+        /// <summary>
+        /// Executes an aggregation pipeline and returns the first document in the result asynchronously.
+        /// </summary>
+        /// <typeparam name="TOutput">The type of the output document you expect from the pipeline.</typeparam>
+        /// <param name="pipeline">The aggregation pipeline definition to execute.</param>
+        /// <returns>The first document from the aggregation result, or null if none found.</returns>
+        public virtual Task<TOutput> FindOnePipelineAsync<TOutput>(PipelineDefinition<TDocument, TOutput> pipeline)
+        {
+            return Task.Run(() => _collection.Aggregate(pipeline).FirstOrDefaultAsync());
+        }
     }
 }

Core.Blueprint.Redis/Adapters/CacheSettings.cs

@@ -1,10 +1,4 @@
-using System;
+namespace Core.Blueprint.Caching.Adapters
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-
-namespace Core.Blueprint.Redis
 {
     public interface ICacheSettings
     {

Core.Blueprint.Redis/Configuration/RegisterBlueprint.cs

@@ -1,8 +1,10 @@
-using Microsoft.Extensions.Configuration;
+using Core.Blueprint.Caching.Adapters;
+using Core.Blueprint.Caching.Contracts;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 
-namespace Core.Blueprint.Redis.Configuration
+namespace Core.Blueprint.Caching.Configuration
 {
     /// <summary>
     /// Provides extension methods for registering Redis-related services in the DI container.
@@ -17,23 +19,32 @@ namespace Core.Blueprint.Redis.Configuration
         /// <returns>The updated service collection.</returns>
         public static IServiceCollection AddRedis(this IServiceCollection services, IConfiguration configuration)
         {
-            // Retrieve the Redis connection string from the configuration.
+            // TODO for the following variable we'll need to add in the appsettings.json the following config: "UseRedisCache": true,
-            // Get Redis configuration section
+            bool useRedis = configuration.GetValue<bool>("UseRedisCache");
-            var redisConnectionString = configuration.GetSection("ConnectionStrings:Redis").Value;
+            //TODO decide wheter to use appsettings or the following ENV variable
-            if (string.IsNullOrEmpty(redisConnectionString))
+            useRedis = Environment.GetEnvironmentVariable("CORE_BLUEPRINT_PACKAGES_USE_REDIS")?.ToLower() == "true";
+
+            if (useRedis)
             {
-                throw new InvalidOperationException("Redis connection is not configured.");
+                var redisConnectionString = configuration.GetSection("ConnectionStrings:Redis").Value;
+                if (string.IsNullOrEmpty(redisConnectionString))
+                {
+                    throw new InvalidOperationException("Redis connection is not configured.");
+                }
+
+                services.AddSingleton<ICacheProvider>(provider =>
+                    new RedisCacheProvider(redisConnectionString, provider.GetRequiredService<ILogger<RedisCacheProvider>>()));
+            }
+            else
+            {
+                services.AddMemoryCache();
+                services.AddSingleton<ICacheProvider, MemoryCacheProvider>();
             }
 
-            // Register RedisCacheProvider
-            services.AddSingleton<IRedisCacheProvider>(provider =>
-                new RedisCacheProvider(redisConnectionString, provider.GetRequiredService<ILogger<RedisCacheProvider>>()));
-
-            // Get CacheSettings and register with the ICacheSettings interface
             var cacheSettings = configuration.GetSection("CacheSettings").Get<CacheSettings>();
             if (cacheSettings == null)
             {
-                throw new InvalidOperationException("Redis CacheSettings section is not configured.");
+                throw new InvalidOperationException("CacheSettings section is not configured.");
             }
             services.AddSingleton<ICacheSettings>(cacheSettings);
 

Core.Blueprint.Redis/Contracts/ICacheProvider.cs

@@ -1,9 +1,9 @@
-namespace Core.Blueprint.Redis
+namespace Core.Blueprint.Caching.Contracts
 {
     /// <summary>
     /// Interface for managing Redis cache operations.
     /// </summary>
-    public interface IRedisCacheProvider
+    public interface ICacheProvider
     {
         /// <summary>
         /// Retrieves a cache item by its key.

Core.Blueprint.Redis/Core.Blueprint.Caching.csproj

@@ -7,12 +7,13 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Azure.StackExchangeRedis" Version="3.2.0" />
+    <PackageReference Include="Microsoft.Azure.StackExchangeRedis" Version="3.2.1" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="9.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="9.0.5" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="9.0.5" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="9.0.5" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.0" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="9.0.5" />
-    <PackageReference Include="StackExchange.Redis" Version="2.8.22" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.5" />
+    <PackageReference Include="StackExchange.Redis" Version="2.8.37" />
   </ItemGroup>
 
 </Project>

Core.Blueprint.Redis/Helpers/RedisCacheKeyHelper.cs

@@ -1,11 +1,7 @@
-using System;
+using System.Text;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
 using System.Text.RegularExpressions;
-using System.Threading.Tasks;
 
-namespace Core.Blueprint.Redis.Helpers
+namespace Core.Blueprint.Caching.Helpers
 {
     /// <summary>
     /// Helper class for generating consistent and normalized cache keys.

Core.Blueprint.Redis/MemoryCacheProvider.cs

@@ -0,0 +1,86 @@
+using Core.Blueprint.Caching.Contracts;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Caching.Memory;
+using System.Text.Json;
+
+namespace Core.Blueprint.Caching
+{
+    public sealed class MemoryCacheProvider : ICacheProvider
+    {
+        private readonly IMemoryCache _cache;
+        private readonly ILogger<MemoryCacheProvider> _logger;
+        public MemoryCacheProvider(IMemoryCache cache, ILogger<MemoryCacheProvider> logger)
+        {
+            _cache = cache;
+            _logger = logger;
+        }
+
+        public ValueTask<TEntity> GetAsync<TEntity>(string key)
+        {
+            if (_cache.TryGetValue(key, out var value))
+            {
+                if (value is TEntity typedValue)
+                {
+                    return ValueTask.FromResult(typedValue);
+                }
+
+                try
+                {
+                    var json = value?.ToString();
+                    var deserialized = JsonSerializer.Deserialize<TEntity>(json);
+                    return ValueTask.FromResult(deserialized);
+                }
+                catch (Exception ex)
+                {
+                    _logger.LogWarning(ex, "Error deserializing cache value for key {Key}", key);
+                }
+            }
+
+            return ValueTask.FromResult(default(TEntity));
+        }
+
+        public ValueTask SetAsync<TEntity>(string key, TEntity value, TimeSpan? expiry = null)
+        {
+            var options = new MemoryCacheEntryOptions();
+            if (expiry.HasValue)
+            {
+                options.SetAbsoluteExpiration(expiry.Value);
+            }
+
+            _cache.Set(key, value, options);
+            return ValueTask.CompletedTask;
+        }
+
+        public ValueTask RemoveAsync(string key)
+        {
+            _cache.Remove(key);
+            return ValueTask.CompletedTask;
+        }
+
+        public ValueTask<bool> ExistsAsync(string key)
+        {
+            return ValueTask.FromResult(_cache.TryGetValue(key, out _));
+        }
+
+        public ValueTask RefreshAsync(string key, TimeSpan? expiry = null)
+        {
+            // MemoryCache does not support sliding expiration refresh like Redis,
+            // so we must re-set the value manually if required.
+
+            if (_cache.TryGetValue(key, out var value))
+            {
+                _cache.Remove(key);
+
+                var options = new MemoryCacheEntryOptions();
+                if (expiry.HasValue)
+                {
+                    options.SetAbsoluteExpiration(expiry.Value);
+                }
+
+                _cache.Set(key, value, options);
+            }
+
+            return ValueTask.CompletedTask;
+        }
+    }
+}

Core.Blueprint.Redis/RedisCacheProvider.cs

@@ -1,14 +1,15 @@
 using Azure.Identity;
+using Core.Blueprint.Caching.Contracts;
 using Microsoft.Extensions.Logging;
 using StackExchange.Redis;
 using System.Text.Json;
 
-namespace Core.Blueprint.Redis
+namespace Core.Blueprint.Caching
 {
     /// <summary>
     /// Redis cache provider for managing cache operations.
     /// </summary>
-    public sealed class RedisCacheProvider : IRedisCacheProvider
+    public sealed class RedisCacheProvider : ICacheProvider
     {
         private IDatabase _cacheDatabase = null!;
         private readonly ILogger<RedisCacheProvider> _logger;