Beispiel #1
 /// <summary>
 /// Creates the service and stores the three injected dependencies in their private fields.
 /// </summary>
 /// <param name="httpClientFactory">Stored in <c>_httpClientFactory</c>.</param>
 /// <param name="statusHandler">Stored in <c>_statusHandler</c>.</param>
 /// <param name="bankIdServiceSettings">Stored in <c>_bankIdServiceSettings</c>.</param>
 public BankIDHttpClientService(
     IHttpClientFactory httpClientFactory,
     IStatusHandler statusHandler,
     BankIDServiceSettings bankIdServiceSettings)
 {
     // Nothing is validated here: a null argument is stored unchanged.
     _bankIdServiceSettings = bankIdServiceSettings;
     _statusHandler = statusHandler;
     _httpClientFactory = httpClientFactory;
 }
Beispiel #2
        //public BankIDHttpClientHandler()
        //{
        //    _telemetryClient = new TelemetryClient();
        //}

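        /// <summary>
        /// Configures the handler for client-certificate TLS calls: automatic redirects off,
        /// gzip/deflate decompression on, TLS 1.2 only, a server-certificate validation callback
        /// built from the configured CA certificate, and the relying-party (RP) client certificate.
        /// </summary>
        /// <param name="bankIdServiceSettings">
        /// Supplies <c>CaCertThumbprint</c>/<c>RpCertThumbprint</c> (Azure hosting) or
        /// <c>CaCert</c>/<c>RpCert</c> (any other hosting).
        /// </param>
        /// <param name="telemetryClient">Receives trace messages about certificate loading.</param>
        /// <remarks>
        /// The certificate source is selected by the <c>ASPNETCORE_HOSTING</c> environment variable:
        /// the exact value <c>Azure</c> reads both certificates from the CurrentUser\My store by
        /// thumbprint; any other value (or none) loads them from the settings object.
        /// </remarks>
        public BankIDHttpClientHandler(BankIDServiceSettings bankIdServiceSettings, TelemetryClient telemetryClient)
        {
            _telemetryClient = telemetryClient;
            _bankIdServiceSettings = bankIdServiceSettings;

            // Redirect responses are returned to the caller instead of being followed.
            AllowAutoRedirect = false;
            AutomaticDecompression = DecompressionMethods.Deflate | DecompressionMethods.GZip;

            // Only TLS 1.2 is offered. NOTE(review): this also prevents negotiating TLS 1.3;
            // confirm that the pin is intentional for the target endpoint.
            SslProtocols = SslProtocols.Tls12;

            // Hosting dependent config
            var hosting = Environment.GetEnvironmentVariable("ASPNETCORE_HOSTING");

            // Explicit ordinal comparison; string.Equals also covers the null/empty case.
            if (string.Equals(hosting, "Azure", StringComparison.Ordinal))
            {
                // https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load

                // The using block releases the store handle even if a lookup below throws.
                using (var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
                {
                    certStore.Open(OpenFlags.ReadOnly);

                    // validOnly: false -- the lookup also returns certificates that are expired
                    // or do not chain to a trusted root.
                    X509Certificate2Collection caMatches = certStore.Certificates.Find(
                        X509FindType.FindByThumbprint,
                        _bankIdServiceSettings.CaCertThumbprint,
                        false);

                    if (caMatches.Count > 0)
                    {
                        X509Certificate2 caCert = caMatches[0];
                        var validator = new RootCaValidator(caCert);
                        ServerCertificateCustomValidationCallback = validator.Validate;

                        _telemetryClient.TrackTrace($"Loaded CA Cert {caCert.SubjectName?.Name}, {caCert.Thumbprint}", SeverityLevel.Information);
                    }
                    else
                    {
                        // NOTE(review): no validation callback is installed on this path, so the
                        // handler falls back to the platform's default server-certificate validation
                        // rather than the configured CA. Consider failing closed here (throw, or a
                        // callback that rejects every certificate) instead of only logging.
                        _telemetryClient.TrackTrace("Could not load CA Cert", SeverityLevel.Critical);
                    }

                    X509Certificate2Collection rpMatches = certStore.Certificates.Find(
                        X509FindType.FindByThumbprint,
                        _bankIdServiceSettings.RpCertThumbprint,
                        false);

                    if (rpMatches.Count > 0)
                    {
                        X509Certificate2 rpCert = rpMatches[0];
                        ClientCertificates.Add(rpCert);
                        _telemetryClient.TrackTrace($"Loaded RP Cert {rpCert.SubjectName?.Name}, {rpCert.Thumbprint}", SeverityLevel.Information);
                    }
                    else
                    {
                        // NOTE(review): construction still succeeds without a client certificate;
                        // the failure then only surfaces when a request is made.
                        _telemetryClient.TrackTrace("Could not load RP Cert", SeverityLevel.Critical);
                    }

                    _telemetryClient.Flush();
                }
            }
            else
            {
                // Local
                // NOTE(review): the RP certificate passphrase is hard-coded in source. That is only
                // tolerable for a throwaway test certificate (presumably what this is -- confirm).
                // Anything else must come from configuration or a secret store, and this fallback
                // branch must never be reachable in a production deployment, where it is taken
                // whenever ASPNETCORE_HOSTING is unset or not exactly "Azure".
                using (var pfxPassword = new SecureString())
                {
                    foreach (char c in "qwerty123")
                    {
                        pfxPassword.AppendChar(c);
                    }

                    // rootCa is not disposed here: the validator that receives it is installed as
                    // the validation callback and outlives this constructor.
                    var rootCa = new X509Certificate2(_bankIdServiceSettings.CaCert);
                    var validator = new RootCaValidator(rootCa);
                    ServerCertificateCustomValidationCallback = validator.Validate;

                    ClientCertificates.Add(new X509Certificate2(_bankIdServiceSettings.RpCert, pfxPassword));
                }
            }
        }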