Dynamic clients

Author: alexis-

src/Cloudflare.NET/CloudflareApiClient.cs

@@ -115,4 +115,31 @@ public CloudflareApiClient(HttpClient httpClient, IOptions<CloudflareApiOptions>
   public ITurnstileApi Turnstile => _turnstile.Value;
 
   #endregion
+
+
+  #region Methods Impl - IDisposable
+
+  /// <summary>
+  ///   Disposes this client instance.
+  /// </summary>
+  /// <remarks>
+  ///   <para>
+  ///     For DI-managed clients, this method does nothing because the <see cref="HttpClient" />
+  ///     lifetime is managed by <see cref="IHttpClientFactory" />. The factory handles pooling
+  ///     and disposal of the underlying handlers automatically.
+  ///   </para>
+  ///   <para>
+  ///     For dynamic clients created via
+  ///     <see cref="ICloudflareApiClientFactory.CreateClient(CloudflareApiOptions)" />,
+  ///     the <see cref="DynamicCloudflareApiClient" /> wrapper handles actual disposal of resources.
+  ///   </para>
+  /// </remarks>
+  public void Dispose()
+  {
+    // No-op for DI-managed clients. The HttpClient is managed by IHttpClientFactory
+    // and should not be disposed by the client. For dynamic clients, the
+    // DynamicCloudflareApiClient wrapper handles disposal.
+  }
+
+  #endregion
 }

src/Cloudflare.NET/Core/CloudflareApiClientFactory.cs

@@ -3,6 +3,7 @@ namespace Cloudflare.NET.Core;
 using Internal;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using Resilience;
 using Validation;
 
 /// <summary>
@@ -79,6 +80,47 @@ public ICloudflareApiClient CreateClient(string name)
     return new CloudflareApiClient(httpClient, optionsWrapper, _loggerFactory);
   }
 
+
+  /// <inheritdoc />
+  public ICloudflareApiClient CreateClient(CloudflareApiOptions options)
+  {
+    ArgumentNullException.ThrowIfNull(options);
+
+    // Validate the options using the shared validator for consistent, clear error messages.
+    ValidateNamedClientConfiguration("dynamic", options);
+
+    // Build the resilience pipeline using the shared builder.
+    // This ensures the same resilience behavior as DI-registered clients.
+    var logger   = _loggerFactory.CreateLogger(LoggingConstants.Categories.HttpResilience);
+    var pipeline = CloudflareResiliencePipelineBuilder.Build(options, logger, clientName: "dynamic");
+
+    // Create the handler chain: ResilienceHandler → SocketsHttpHandler.
+    // SocketsHttpHandler is used for proper connection pooling and lifetime management.
+    var socketHandler = new SocketsHttpHandler
+    {
+      // PooledConnectionLifetime ensures connections are recycled periodically,
+      // which helps with DNS changes and prevents stale connections.
+      // This mirrors the behavior of IHttpClientFactory-managed handlers.
+      PooledConnectionLifetime = TimeSpan.FromMinutes(2)
+    };
+
+    var resilienceHandler = new ResilienceDelegatingHandler(pipeline, socketHandler);
+
+    // Create and configure the HttpClient using the shared configurator.
+    // This ensures the same configuration as DI-registered clients.
+    var httpClient = new HttpClient(resilienceHandler);
+    CloudflareHttpClientConfigurator.Configure(httpClient, options, setAuthorizationHeader: true);
+
+    // Wrap the options in IOptions<T> for the CloudflareApiClient constructor.
+    var optionsWrapper = new NamedOptionsWrapper<CloudflareApiOptions>(options);
+
+    // Create the inner client that handles all API operations.
+    var innerClient = new CloudflareApiClient(httpClient, optionsWrapper, _loggerFactory);
+
+    // Wrap in DynamicCloudflareApiClient which handles disposal of the owned HttpClient.
+    return new DynamicCloudflareApiClient(innerClient, httpClient);
+  }
+
   #endregion
 
   #region Methods

src/Cloudflare.NET/Core/CloudflareHttpClientConfigurator.cs

@@ -0,0 +1,127 @@
+namespace Cloudflare.NET.Core;
+
+using System.Net.Http.Headers;
+
+/// <summary>
+///   Configures <see cref="HttpClient" /> instances for Cloudflare API communication.
+///   Used by both DI registration and dynamic client creation paths to ensure
+///   consistent HTTP client configuration.
+/// </summary>
+/// <remarks>
+///   <para>
+///     This class centralizes the HttpClient configuration logic that was previously
+///     duplicated between the DI registration path and the dynamic client creation path.
+///   </para>
+///   <para>
+///     Configuration includes:
+///   </para>
+///   <list type="bullet">
+///     <item>
+///       <description>
+///         <b>Base Address</b> - Set from <see cref="CloudflareApiOptions.ApiBaseUrl" />.
+///       </description>
+///     </item>
+///     <item>
+///       <description>
+///         <b>Timeout</b> - Set to a long value (5 minutes) to allow the resilience pipeline
+///         to handle timeouts. The actual timeout is controlled by the pipeline.
+///       </description>
+///     </item>
+///     <item>
+///       <description>
+///         <b>Authorization Header</b> - Optionally set from <see cref="CloudflareApiOptions.ApiToken" />.
+///       </description>
+///     </item>
+///   </list>
+/// </remarks>
+public static class CloudflareHttpClientConfigurator
+{
+  #region Constants
+
+  /// <summary>
+  ///   The HttpClient timeout. This is intentionally long to allow the resilience
+  ///   pipeline's timeout strategies to be the effective timeout controllers.
+  /// </summary>
+  /// <remarks>
+  ///   Ref: https://learn.microsoft.com/en-us/dotnet/core/resilience/http-resilience#httpclient-timeout
+  /// </remarks>
+  private static readonly TimeSpan HttpClientTimeout = TimeSpan.FromMinutes(5);
+
+  #endregion
+
+
+  #region Methods - Public
+
+  /// <summary>
+  ///   Configures an <see cref="HttpClient" /> for Cloudflare API communication.
+  /// </summary>
+  /// <param name="client">The HttpClient to configure.</param>
+  /// <param name="options">The Cloudflare API options containing configuration values.</param>
+  /// <param name="setAuthorizationHeader">
+  ///   If true, sets the Authorization header from the options. Set to false when
+  ///   authentication is handled separately (e.g., via <see cref="Auth.AuthenticationHandler" />).
+  /// </param>
+  /// <exception cref="ArgumentNullException">Thrown when <paramref name="client" /> or <paramref name="options" /> is null.</exception>
+  /// <exception cref="InvalidOperationException">Thrown when <see cref="CloudflareApiOptions.ApiBaseUrl" /> is null or whitespace.</exception>
+  /// <remarks>
+  ///   <para>
+  ///     The HttpClient timeout is set to a long value (5 minutes) to ensure that the resilience
+  ///     pipeline's timeout strategies are the effective timeout controllers. Without this, the
+  ///     HttpClient's default 100-second timeout would interfere with retry attempts.
+  ///   </para>
+  /// </remarks>
+  /// <example>
+  ///   <code>
+  /// // For DI registration path (auth handled by AuthenticationHandler)
+  /// CloudflareHttpClientConfigurator.Configure(httpClient, options, setAuthorizationHeader: false);
+  ///
+  /// // For named clients or dynamic clients (auth header set directly)
+  /// CloudflareHttpClientConfigurator.Configure(httpClient, options, setAuthorizationHeader: true);
+  /// </code>
+  /// </example>
+  public static void Configure(HttpClient           client,
+                               CloudflareApiOptions options,
+                               bool                 setAuthorizationHeader = true)
+  {
+    ArgumentNullException.ThrowIfNull(client);
+    ArgumentNullException.ThrowIfNull(options);
+
+    // Validate the API base URL.
+    if (string.IsNullOrWhiteSpace(options.ApiBaseUrl))
+      throw new InvalidOperationException(
+        "Cloudflare API Base URL is missing. Please configure it in the 'Cloudflare' settings section.");
+
+    // Set the base address for all requests.
+    client.BaseAddress = new Uri(options.ApiBaseUrl);
+
+    // Set a long HttpClient.Timeout so that our resilience pipeline's TotalRequestTimeout is the effective timeout.
+    // Ref: https://learn.microsoft.com/en-us/dotnet/core/resilience/http-resilience#httpclient-timeout
+    client.Timeout = HttpClientTimeout;
+
+    // Optionally set the Authorization header.
+    if (setAuthorizationHeader && !string.IsNullOrWhiteSpace(options.ApiToken))
+      client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", options.ApiToken);
+  }
+
+
+  /// <summary>
+  ///   Configures only the base properties of an <see cref="HttpClient" /> (base address and timeout),
+  ///   without setting the Authorization header.
+  /// </summary>
+  /// <param name="client">The HttpClient to configure.</param>
+  /// <param name="options">The Cloudflare API options containing configuration values.</param>
+  /// <exception cref="ArgumentNullException">Thrown when <paramref name="client" /> or <paramref name="options" /> is null.</exception>
+  /// <exception cref="InvalidOperationException">Thrown when <see cref="CloudflareApiOptions.ApiBaseUrl" /> is null or whitespace.</exception>
+  /// <remarks>
+  ///   <para>
+  ///     This overload is provided for backward compatibility and convenience when authentication
+  ///     is handled by a separate <see cref="Auth.AuthenticationHandler" />.
+  ///   </para>
+  /// </remarks>
+  public static void ConfigureBase(HttpClient client, CloudflareApiOptions options)
+  {
+    Configure(client, options, setAuthorizationHeader: false);
+  }
+
+  #endregion
+}

src/Cloudflare.NET/Core/DynamicCloudflareApiClient.cs

@@ -0,0 +1,146 @@
+namespace Cloudflare.NET.Core;
+
+using Accounts;
+using ApiTokens;
+using AuditLogs;
+using Dns;
+using Members;
+using Roles;
+using Subscriptions;
+using Turnstile;
+using User;
+using Workers;
+using Zones;
+
+/// <summary>
+///   A Cloudflare API client created dynamically (at runtime) that owns its
+///   <see cref="HttpClient" /> and disposes it when disposed.
+/// </summary>
+/// <remarks>
+///   <para>
+///     Unlike DI-managed clients where the <see cref="HttpClient" /> lifetime is managed by
+///     <see cref="IHttpClientFactory" />, dynamic clients own their <see cref="HttpClient" />
+///     and must dispose it to release the underlying <see cref="System.Net.Http.SocketsHttpHandler" />
+///     and connections.
+///   </para>
+///   <para>
+///     This class wraps a standard <see cref="CloudflareApiClient" /> and adds disposal semantics.
+///     All API operations are delegated to the inner client.
+///   </para>
+///   <para>
+///     Users should dispose this client when it is no longer needed:
+///   </para>
+///   <code>
+/// using var client = factory.CreateClient(options);
+/// // Use the client...
+/// </code>
+/// </remarks>
+internal sealed class DynamicCloudflareApiClient : ICloudflareApiClient
+{
+  #region Properties & Fields - Non-Public
+
+  /// <summary>The inner Cloudflare API client that handles all API operations.</summary>
+  private readonly CloudflareApiClient _innerClient;
+
+  /// <summary>The HttpClient that this instance owns and will dispose.</summary>
+  private readonly HttpClient _ownedHttpClient;
+
+  /// <summary>Indicates whether this instance has been disposed.</summary>
+  private bool _disposed;
+
+  #endregion
+
+
+  #region Constructors
+
+  /// <summary>
+  ///   Initializes a new instance of the <see cref="DynamicCloudflareApiClient" /> class.
+  /// </summary>
+  /// <param name="innerClient">The inner Cloudflare API client.</param>
+  /// <param name="ownedHttpClient">The HttpClient that this instance owns and will dispose.</param>
+  internal DynamicCloudflareApiClient(CloudflareApiClient innerClient, HttpClient ownedHttpClient)
+  {
+    _innerClient     = innerClient ?? throw new ArgumentNullException(nameof(innerClient));
+    _ownedHttpClient = ownedHttpClient ?? throw new ArgumentNullException(nameof(ownedHttpClient));
+  }
+
+  #endregion
+
+
+  #region Properties Impl - ICloudflareApiClient
+
+  /// <inheritdoc />
+  public IAccountsApi Accounts => ThrowIfDisposed()._innerClient.Accounts;
+
+  /// <inheritdoc />
+  public IUserApi User => ThrowIfDisposed()._innerClient.User;
+
+  /// <inheritdoc />
+  public IZonesApi Zones => ThrowIfDisposed()._innerClient.Zones;
+
+  /// <inheritdoc />
+  public IDnsApi Dns => ThrowIfDisposed()._innerClient.Dns;
+
+  /// <inheritdoc />
+  public IAuditLogsApi AuditLogs => ThrowIfDisposed()._innerClient.AuditLogs;
+
+  /// <inheritdoc />
+  public IApiTokensApi ApiTokens => ThrowIfDisposed()._innerClient.ApiTokens;
+
+  /// <inheritdoc />
+  public IRolesApi Roles => ThrowIfDisposed()._innerClient.Roles;
+
+  /// <inheritdoc />
+  public IMembersApi Members => ThrowIfDisposed()._innerClient.Members;
+
+  /// <inheritdoc />
+  public ISubscriptionsApi Subscriptions => ThrowIfDisposed()._innerClient.Subscriptions;
+
+  /// <inheritdoc />
+  public IWorkersApi Workers => ThrowIfDisposed()._innerClient.Workers;
+
+  /// <inheritdoc />
+  public ITurnstileApi Turnstile => ThrowIfDisposed()._innerClient.Turnstile;
+
+  #endregion
+
+
+  #region Methods Impl - IDisposable
+
+  /// <summary>
+  ///   Releases the resources used by this client, including the owned <see cref="HttpClient" />.
+  /// </summary>
+  /// <remarks>
+  ///   <para>
+  ///     After disposal, any attempt to access the API properties will throw
+  ///     <see cref="ObjectDisposedException" />.
+  ///   </para>
+  /// </remarks>
+  public void Dispose()
+  {
+    if (_disposed)
+      return;
+
+    _ownedHttpClient.Dispose();
+    _disposed = true;
+  }
+
+  #endregion
+
+
+  #region Methods - Private
+
+  /// <summary>
+  ///   Throws <see cref="ObjectDisposedException" /> if this instance has been disposed.
+  /// </summary>
+  /// <returns>This instance, for fluent chaining.</returns>
+  /// <exception cref="ObjectDisposedException">Thrown if this instance has been disposed.</exception>
+  private DynamicCloudflareApiClient ThrowIfDisposed()
+  {
+    ObjectDisposedException.ThrowIf(_disposed, this);
+
+    return this;
+  }
+
+  #endregion
+}