public InitOrganizationSigningUpService(IInitOrganizationSigningUpRepository repo, IUserManager userManager,
IRandomTokenGenerator tokenGenerator, ISecurityConfig securityConfig)
{
_repo = repo;
_userManager = userManager;
_tokenGenerator = tokenGenerator;
_securityConfig = securityConfig;
}
public CommonService(ICommonRepository repo, IUserManager userManager, IDateTime dateTime,
ISecurityConfig securityConfig)
{
_repo = repo;
_userManager = userManager;
_dateTime = dateTime;
_securityConfig = securityConfig;
}
/// <summary>
/// Builds and applies the the security configuration according to the local settings. Returns a the
/// configuration application ready to use for initialization of the OPC UA SDK client object.
/// </summary>
///<remarks>
/// Please note the input argument <cref>applicationConfiguration</cref> will be altered during execution
/// with the locally provided security configuration and shall not be used after calling this method.
/// </remarks>
public static async Task <ApplicationConfiguration> BuildSecurityConfiguration(
this ISecurityConfig securityConfig,
IApplicationConfigurationBuilderClientSelected applicationConfigurationBuilder,
ApplicationConfiguration applicationConfiguration,
string hostname)
{
if (securityConfig == null)
{
throw new ArgumentNullException(nameof(securityConfig));
}
if (securityConfig.TrustedIssuerCertificates == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.TrustedIssuerCertificates)}");
}
if (securityConfig.TrustedPeerCertificates == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.TrustedPeerCertificates)}");
}
if (securityConfig.RejectedCertificateStore == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.RejectedCertificateStore)}");
}
if (securityConfig.ApplicationCertificate == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.ApplicationCertificate)}");
}
var options = applicationConfigurationBuilder
.AddSecurityConfiguration(
securityConfig.ApplicationCertificate.SubjectName.Replace("localhost", hostname),
securityConfig.PkiRootPath)
.SetAutoAcceptUntrustedCertificates(securityConfig.AutoAcceptUntrustedCertificates)
.SetRejectSHA1SignedCertificates(securityConfig.RejectSha1SignedCertificates)
.SetMinimumCertificateKeySize(securityConfig.MinimumCertificateKeySize)
.SetAddAppCertToTrustedStore(securityConfig.AddAppCertToTrustedStore);
applicationConfiguration.SecurityConfiguration.ApplicationCertificate
.ApplyLocalConfig(securityConfig.ApplicationCertificate);
applicationConfiguration.SecurityConfiguration.TrustedPeerCertificates
.ApplyLocalConfig(securityConfig.TrustedPeerCertificates);
applicationConfiguration.SecurityConfiguration.TrustedIssuerCertificates
.ApplyLocalConfig(securityConfig.TrustedIssuerCertificates);
applicationConfiguration.SecurityConfiguration.RejectedCertificateStore
.ApplyLocalConfig(securityConfig.RejectedCertificateStore);
return(await options.Create().ConfigureAwait(false));
}
/// <summary>
/// Convert to security configuration
/// </summary>
/// <param name="securityConfig"></param>
/// <param name="hostname"></param>
/// <returns></returns>
public static SecurityConfiguration ToSecurityConfiguration(
this ISecurityConfig securityConfig, string hostname)
{
if (securityConfig == null)
{
throw new ArgumentNullException(nameof(securityConfig));
}
if (securityConfig.TrustedIssuerCertificates == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.TrustedIssuerCertificates)}");
}
if (securityConfig.TrustedPeerCertificates == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.TrustedPeerCertificates)}");
}
if (securityConfig.RejectedCertificateStore == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.RejectedCertificateStore)}");
}
if (securityConfig.ApplicationCertificate == null)
{
throw new ArgumentNullException(
$"{nameof(securityConfig)}.{nameof(SecurityConfig.ApplicationCertificate)}");
}
var securityConfiguration = new SecurityConfiguration {
TrustedIssuerCertificates = securityConfig.TrustedIssuerCertificates.ToCertificateTrustList(),
TrustedPeerCertificates = securityConfig.TrustedPeerCertificates.ToCertificateTrustList(),
RejectedCertificateStore = securityConfig.RejectedCertificateStore.ToCertificateTrustList(),
AutoAcceptUntrustedCertificates = securityConfig.AutoAcceptUntrustedCertificates,
RejectSHA1SignedCertificates = securityConfig.RejectSha1SignedCertificates,
MinimumCertificateKeySize = securityConfig.MinimumCertificateKeySize,
ApplicationCertificate = securityConfig.ApplicationCertificate.ToCertificateIdentifier(hostname),
AddAppCertToTrustedStore = securityConfig.AddAppCertToTrustedStore
};
return(securityConfiguration);
}
public AuthService(IUserService userSrv, ISecurityConfig securityConfig)
{
_userSrv = userSrv;
_secureConfig = securityConfig;
}
public JwtGenerator(ISecurityConfig config)
{
_config = config;
}
