// GET: Authentication
public ActionResult Index()
{
var model = new AppSettingsAuthConfig();
return View(model);
}
public static async Task RenewCertificate([TimerTrigger(typeof(MyDailySchedule), RunOnStartup = true)] TimerInfo timerInfo)
{
Console.WriteLine("Renew certificate");
var config = new Models.AppSettingsAuthConfig();
var count = (await new CertificateManager(new Models.AppSettingsAuthConfig()).RenewCertificate(renewXNumberOfDaysBeforeExpiration: config.RenewXNumberOfDaysBeforeExpiration)).Count();
Console.WriteLine($"Completed renewal of '{count}' certificates");
}
public static void AddCertificate([TimerTrigger(typeof(MonthlySchedule), RunOnStartup = true)] TimerInfo timerInfo, [Blob("letsencrypt/firstrun.job")] string input, [Blob("letsencrypt/firstrun.job")] out string output)
{
Console.WriteLine("Starting add certificate");
var environment = new Models.AppSettingsAuthConfig();
string websiteName = environment.WebAppName + "-" + environment.SiteSlotName + "|";
if (string.IsNullOrEmpty(input) || !input.Contains(websiteName))
{
Console.WriteLine($"First run of add certificate for {websiteName}");
new CertificateManager(environment).AddCertificate();
output = string.IsNullOrEmpty(input) ? websiteName : input + websiteName;
}
else
{
output = input;
}
Console.WriteLine("Completed add certificate");
}
public ActionResult Hostname(string id)
{
var settings = new AppSettingsAuthConfig();
var client = ArmHelper.GetWebSiteManagementClient(settings);
var site = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName);
var model = new HostnameModel();
model.HostNames = site.HostNames;
model.HostNameSslStates = site.HostNameSslStates;
model.Certificates = client.Certificates.GetCertificates(settings.ResourceGroupName).Value;
model.InstalledCertificateThumbprint = id;
if (model.HostNames.Count == 1)
{
model.ErrorMessage = "No custom host names registered. At least one custom domain name must be registed for the web site to request a letsencrypt certificate.";
}
return View(model);
}
public void SetupHostnameAndCertificate()
{
Trace.TraceInformation("Setup hostname and certificates");
var settings = new AppSettingsAuthConfig();
using (var client = ArmHelper.GetWebSiteManagementClient(settings))
{
var s = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName);
foreach (var hostname in settings.Hostnames)
{
if (s.HostNames.Any(existingHostname => string.Equals(existingHostname, hostname, StringComparison.InvariantCultureIgnoreCase)))
{
continue;
}
Trace.TraceInformation("Setting up hostname and lets encrypt certificate for " + hostname);
client.Sites.CreateOrUpdateSiteHostNameBinding(settings.ResourceGroupName, settings.WebAppName, hostname, new Microsoft.Azure.Management.WebSites.Models.HostNameBinding()
{
CustomHostNameDnsRecordType = CustomHostNameDnsRecordType.CName,
HostNameType = HostNameType.Verified,
SiteName = settings.WebAppName,
Location = s.Location
});
RequestAndInstallInternal(new Target()
{
BaseUri = settings.BaseUri,
ClientId = settings.ClientId,
ClientSecret = settings.ClientSecret,
Email = settings.Email,
Host = hostname,
ResourceGroupName = settings.ResourceGroupName,
SubscriptionId = settings.SubscriptionId,
Tenant = settings.Tenant,
WebAppName = settings.WebAppName
});
}
}
}
public void RenewCertificate()
{
Trace.TraceInformation("Checking certificate");
var settings = new AppSettingsAuthConfig();
using (var client = ArmHelper.GetWebSiteManagementClient(settings))
{
var certs = client.Certificates.GetCertificates(settings.ResourceGroupName).Value;
var expireringIn14Days = certs.Where(s => s.ExpirationDate < DateTime.UtcNow.AddDays(14) && s.Issuer.Contains("Let's Encrypt"));
foreach (var toExpireCert in expireringIn14Days)
{
Trace.TraceInformation("Starting renew of certificate " + toExpireCert.Name + " expiration date " + toExpireCert.ExpirationDate);
var site = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName);
var sslState = site.HostNameSslStates.FirstOrDefault(s => s.Thumbprint == toExpireCert.Thumbprint);
if (sslState == null)
{
Trace.TraceInformation(String.Format("Certificate {0} was not assigned any hostname, skipping update", toExpireCert.Thumbprint));
continue;
}
var ss = SettingsStore.Instance.Load();
RequestAndInstallInternal(new Target()
{
WebAppName = settings.WebAppName,
Tenant = settings.Tenant,
SubscriptionId = settings.SubscriptionId,
ClientId = settings.ClientId,
ClientSecret = settings.ClientSecret,
ResourceGroupName = settings.ResourceGroupName,
Email = settings.Email ?? ss.FirstOrDefault(s => s.Name == "email").Value,
Host = sslState.Name,
BaseUri = settings.BaseUri ?? ss.FirstOrDefault(s => s.Name == "baseUri").Value,
});
}
}
}
private void SetViewBagHostnames()
{
var settings = new AppSettingsAuthConfig();
var client = ArmHelper.GetWebSiteManagementClient(settings);
var site = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName);
var model = new HostnameModel();
ViewBag.HostNames = site.HostNames.Where(s => !s.EndsWith("azurewebsites.net")).Select(s => new SelectListItem()
{
Text = s,
Value = s
});
}
public ActionResult AddHostname()
{
var settings = new AppSettingsAuthConfig();
using (var client = ArmHelper.GetWebSiteManagementClient(settings))
{
var s = client.Sites.GetSite(settings.ResourceGroupName, settings.WebAppName);
foreach (var hostname in settings.Hostnames)
{
client.Sites.CreateOrUpdateSiteHostNameBinding(settings.ResourceGroupName, settings.WebAppName, hostname, new Microsoft.Azure.Management.WebSites.Models.HostNameBinding()
{
CustomHostNameDnsRecordType = Microsoft.Azure.Management.WebSites.Models.CustomHostNameDnsRecordType.CName,
HostNameType = Microsoft.Azure.Management.WebSites.Models.HostNameType.Verified,
SiteName = settings.WebAppName,
Location = s.Location
});
}
}
return View();
}
public ActionResult Install(RequestAndInstallModel model)
{
if (ModelState.IsValid)
{
var s = SettingsStore.Instance.Load();
s.Add(new LetsEncrypt.SiteExtension.Models.SettingEntry()
{
Name = "email",
Value = model.Email
});
var baseUri = model.UseStaging == false ? "https://acme-v01.api.letsencrypt.org/" : "https://acme-staging.api.letsencrypt.org/";
s.Add(new LetsEncrypt.SiteExtension.Models.SettingEntry()
{
Name = "baseUri",
Value = baseUri
});
SettingsStore.Instance.Save(s);
var settings = new AppSettingsAuthConfig();
var target = new Target()
{
ClientId = settings.ClientId,
ClientSecret = settings.ClientSecret,
Email = model.Email,
Host = model.Hostname,
WebAppName = settings.WebAppName,
ResourceGroupName = settings.ResourceGroupName,
SubscriptionId = settings.SubscriptionId,
Tenant = settings.Tenant,
BaseUri = baseUri,
};
var thumbprint = CertificateManager.RequestAndInstallInternal(target);
if (thumbprint != null)
return RedirectToAction("Hostname", new { id = thumbprint });
}
SetViewBagHostnames();
return View(model);
}