private void InitializeDb()
{
if (licenseManager.IsFeatureEnabled(LicensedFeatures.ExternalSql) && highAvailabilityOptions.UseExternalSql)
{
this.activeInstanceProvider = this.sqlServerInstanceProvider;
}
else
{
this.activeInstanceProvider = this.localDbInstanceProvider;
}
this.activeInstanceProvider.InitializeDb();
var upgrader = DeployChanges.To
.SqlDatabase(this.ConnectionString)
.WithScriptsEmbeddedInAssembly(Assembly.GetExecutingAssembly(), script => script.StartsWith("Lithnet.AccessManager.Server.DBScripts.Upgrade", System.StringComparison.OrdinalIgnoreCase))
.LogScriptOutput()
.LogTo(this.upgradeLogger)
.Build();
if (upgrader.IsUpgradeRequired())
{
this.logger.LogInformation(EventIDs.DbUpgradeRequired, "The database requires updates");
}
else
{
this.logger.LogTrace("The database is up to date");
}
var result = upgrader.PerformUpgrade();
if (!result.Successful)
{
throw result.Error;
}
}
private void ConfigureDataProtection(IServiceCollection services, IAmsLicenseManager licenseManager)
{
var provider = services.BuildServiceProvider();
var dataProtectionOptions = provider.GetService <IOptions <Server.Configuration.DataProtectionOptions> >();
IDataProtectionBuilder builder = services.AddDataProtection(options =>
{
options.ApplicationDiscriminator = "lithnetams";
});
SecurityIdentifier sid = WindowsIdentity.GetCurrent().User;
RegistryKey key = Registry.LocalMachine.CreateSubKey($"Software\\Lithnet\\Access Manager Service\\Parameters\\Keys\\{sid}");
builder.PersistKeysToRegistry(key);
if (dataProtectionOptions.Value.EnableClusterCompatibleSecretEncryption && licenseManager.IsFeatureEnabled(LicensedFeatures.DpapiNgSecretEncryption))
{
if (dataProtectionOptions.Value.EnableClusterCompatibleSecretEncryption && licenseManager.IsFeatureEnabled(LicensedFeatures.DpapiNgSecretEncryption))
{
builder.ProtectKeysWithDpapiNG($"SID={sid}", Microsoft.AspNetCore.DataProtection.XmlEncryption.DpapiNGProtectionDescriptorFlags.None);
}
else
{
builder.ProtectKeysWithDpapi(false);
}
}
}
