public BankIDHttpClientService(
IHttpClientFactory httpClientFactory,
IStatusHandler statusHandler,
BankIDServiceSettings bankIdServiceSettings)
{
_httpClientFactory = httpClientFactory;
_statusHandler = statusHandler;
_bankIdServiceSettings = bankIdServiceSettings;
}
//public BankIDHttpClientHandler()
//{
// _telemetryClient = new TelemetryClient();
//}
public BankIDHttpClientHandler(BankIDServiceSettings bankIdServiceSettings, TelemetryClient telemetryClient)
{
//TelemetryConfiguration.Active
_telemetryClient = telemetryClient; // new TelemetryClient();
_bankIdServiceSettings = bankIdServiceSettings;
//var bankIdServiceSettings = new BankIDServiceSettings(env);
AllowAutoRedirect = false;
AutomaticDecompression = DecompressionMethods.Deflate | DecompressionMethods.GZip;
SslProtocols = SslProtocols.Tls12;
// Hosting dependent config
var hosting = Environment.GetEnvironmentVariable("ASPNETCORE_HOSTING");
if (!string.IsNullOrEmpty(hosting) && hosting.Equals("Azure"))
{
// https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load
// server certificate
X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
certStore.Open(OpenFlags.ReadOnly);
X509Certificate2Collection caCertCollection = certStore.Certificates.Find(
X509FindType.FindByThumbprint,
_bankIdServiceSettings.CaCertThumbprint,
false);
if (caCertCollection.Count > 0)
{
X509Certificate2 caCert = caCertCollection[0];
var validator = new RootCaValidator(caCert);
ServerCertificateCustomValidationCallback = validator.Validate;
_telemetryClient.TrackTrace($"Loaded CA Cert {caCert.SubjectName?.Name}, {caCert.Thumbprint}", SeverityLevel.Information);
}
else
{
_telemetryClient.TrackTrace($"Could not load CA Cert", SeverityLevel.Critical);
}
X509Certificate2Collection rpCertCollection = certStore.Certificates.Find(
X509FindType.FindByThumbprint,
_bankIdServiceSettings.RpCertThumbprint,
false);
if (rpCertCollection.Count > 0)
{
X509Certificate2 rpCert = rpCertCollection[0];
ClientCertificates.Add(rpCert);
_telemetryClient.TrackTrace($"Loaded RP Cert {rpCert.SubjectName?.Name}, {rpCert.Thumbprint}", SeverityLevel.Information);
}
else
{
_telemetryClient.TrackTrace($"Could not load RP Cert", SeverityLevel.Critical);
}
_telemetryClient.Flush();
certStore.Close();
}
else
{
// Local
SecureString secureString = new SecureString();
"qwerty123".ToCharArray().ToList().ForEach(p => secureString.AppendChar(p));
var rootCa = new X509Certificate2(_bankIdServiceSettings.CaCert);
var validator = new RootCaValidator(rootCa);
ServerCertificateCustomValidationCallback = validator.Validate;
ClientCertificates.Add(new X509Certificate2(_bankIdServiceSettings.RpCert, secureString));
}
}