private static void ConnectToKeyVaultAndSetApplicationInsights(IConfigurationBuilder config) { IConfiguration stageOneConfig = config.Build(); KeyVaultSettings keyVaultSettings = new KeyVaultSettings(); stageOneConfig.GetSection("kvSetting").Bind(keyVaultSettings); if (!string.IsNullOrEmpty(keyVaultSettings.ClientId) && !string.IsNullOrEmpty(keyVaultSettings.TenantId) && !string.IsNullOrEmpty(keyVaultSettings.ClientSecret) && !string.IsNullOrEmpty(keyVaultSettings.SecretUri)) { _logger.LogInformation("Program // Configure key vault client // App"); string connectionString = $"RunAs=App;AppId={keyVaultSettings.ClientId};" + $"TenantId={keyVaultSettings.TenantId};" + $"AppKey={keyVaultSettings.ClientSecret}"; AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider(connectionString); KeyVaultClient keyVaultClient = new KeyVaultClient( new KeyVaultClient.AuthenticationCallback( azureServiceTokenProvider.KeyVaultTokenCallback)); config.AddAzureKeyVault( keyVaultSettings.SecretUri, keyVaultClient, new DefaultKeyVaultSecretManager()); try { SecretBundle secretBundle = keyVaultClient .GetSecretAsync(keyVaultSettings.SecretUri, Startup.VaultApplicationInsightsKey).Result; Startup.ApplicationInsightsKey = secretBundle.Value; } catch (Exception vaultException) { _logger.LogError($"Unable to read application insights key {vaultException}"); } } }
/// <summary> /// This method gets called by the runtime. Use this method to add services to the container. /// </summary> /// <param name="services"></param> public void ConfigureServices(IServiceCollection services) { ConfigureSession(services); services.AddMvc(); IKeyVaultSettings keyVaultSettings = new KeyVaultSettings(Configuration.GetSection("KeyVault")); services.AddSingleton(keyVaultSettings); services.AddSingleton <IHttpClientService, HttpClientService>(); services.AddSingleton <IServiceProvidersBusinessLogic, ServiceProvidersBusinessLogic>(); ConfigureCosmosDb(services); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new Info { Title = "Access2Justice Integration API", Version = "1.0.0", Description = "Access2Justice APIs for integration with external partners.", TermsOfService = "None" }); c.TagActionsBy(api => api.GroupName); c.DescribeAllEnumsAsStrings(); c.OrderActionsBy((apiDesc) => $"{apiDesc.RelativePath}_{apiDesc.HttpMethod}"); var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml"; var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile); c.IncludeXmlComments(xmlPath); }); }
/// <summary> /// Initialize a new instance of <see cref="JwtSigningCertificateProvider"/> with settings for accessing a key vault and file system. /// </summary> /// <param name="keyVaultSettings">Settings required to access a certificate stored in a key vault.</param> /// <param name="certificateSettings">Settings required to access a certificate stored on a file system.</param> public JwtSigningCertificateProvider( IOptions <KeyVaultSettings> keyVaultSettings, IOptions <CertificateSettings> certificateSettings) { _keyVaultSettings = keyVaultSettings.Value; _certificateSettings = certificateSettings.Value; }
private static IConfiguration BuildAppConfiguration(IConfigurationBuilder builder, WebHostBuilderContext hostingContext) { var environment = hostingContext.HostingEnvironment; IConfiguration configuration = builder.Build(); if (environment.IsDevelopment()) { builder.AddUserSecrets(Assembly.Load(new AssemblyName(environment.ApplicationName)), optional: true); } // TODO : Work out why the instrumentation key below is ignored, the correct instrumentation key seems to be only // set if it is present in the appsettings.json or is passed to the overloaded extensions method on IWebHostBuilder called UseApplicationInsights. var applicationInsightsSettings = new ApplicationInsightsSettings(); configuration.BindOrThrow("ApplicationInsights", applicationInsightsSettings); builder.AddApplicationInsightsSettings(developerMode: environment.IsDevelopment(), instrumentationKey: applicationInsightsSettings.InstrumentationKey); KeyVaultSettings keyVaultSettings = new KeyVaultSettings(); configuration.BindOrThrow("KeyVaultSettings", keyVaultSettings); builder.AddAzureKeyVault( keyVaultSettings.DnsName, keyVaultSettings.AppUserClientId, keyVaultSettings.AppUserClientSecret); return(configuration); }
public TokenService(IOptionsMonitor <KeyVaultSettings> keyVaultSettings, IOptionsMonitor <BearerSecurityKey> bearerSecurityKey, IKeyVaultSecretManager keyVaultSecretManager) { _keyVaultSecretManager = keyVaultSecretManager; _keyVaultSettings = keyVaultSettings.CurrentValue; _bearerSecurityKey = bearerSecurityKey.CurrentValue; }
private static async Task LoadSecretSettings( StorageSettings storageSettings, AppSettings appSettings, KeyVaultSettings keyVaultSettings) { var store = new SecretsStore(appSettings.KeyVaultBaseUrl, keyVaultSettings.ClientId, keyVaultSettings.ClientSecret); storageSettings.ConnectionString = await store.GetOrLoadSettingAsync(storageSettings.ConnectionString); }
public EncryptionService( KeyVaultClient keyVaultClient, Link4PaySettings link4PaySettings, KeyVaultSettings keyVaultSettings ) { _keyVaultClient = keyVaultClient; _accessToken = link4PaySettings.AccessToken; _clientId = link4PaySettings.ClientId; }
/// <summary> /// The default constructor /// </summary> /// <param name="options">The options</param> /// <param name="logger">The logger</param> /// <param name="encoder">The Url encoder</param> /// <param name="clock">The system clock</param> /// <param name="keyVaultSettings">The key vault settings</param> /// <param name="certSettings">The certification settings</param> public JwtCookieHandler( IOptionsMonitor <JwtCookieOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, IOptions <KeyVaultSettings> keyVaultSettings, IOptions <CertificateSettings> certSettings) : base(options, logger, encoder, clock) { _keyVaultSettings = keyVaultSettings.Value; _certificateSettings = certSettings.Value; }
public static async Task <string> GetAccessToken( AadAppSettings settings, KeyVaultSettings vaultSettings = null, IKeyVaultClient kvClient = null) { if (!string.IsNullOrEmpty(settings.ClientCertName)) { if (kvClient == null) { throw new ArgumentNullException(nameof(kvClient)); } if (vaultSettings == null) { throw new ArgumentNullException(nameof(vaultSettings)); } } IConfidentialClientApplication app; if (!string.IsNullOrEmpty(settings.ClientCertName) && vaultSettings != null) { var cert = await kvClient.GetCertificateAsync(vaultSettings.VaultUrl, settings.ClientCertName); var pfx = new X509Certificate2(cert.Cer); app = ConfidentialClientApplicationBuilder.Create(settings.ClientId) .WithCertificate(pfx) .WithAuthority(settings.Authority) .Build(); } else { throw new ArgumentException("Either client secret or cert must be specified", nameof(settings)); } try { var result = await app.AcquireTokenForClient(settings.Scopes).ExecuteAsync(); return(result.AccessToken); } catch (MsalServiceException ex) when(ex.Message.Contains("AADSTS70011")) { // Invalid scope. The scope has to be of the form "https://resourceurl/.default" // Mitigation: change the scope to be as expected Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("Scope provided is not supported"); Console.ResetColor(); } return(null); }
/// <summary> /// Initializes a new instance of the <see cref="AccessTokenProvider"/> class. /// </summary> /// <param name="keyVaultService">The key vault service.</param> /// <param name="accessTokenGenerator">The access token generator.</param> /// <param name="accessTokenSettings">The access token settings.</param> /// <param name="keyVaultSettings">The key vault settings.</param> /// <param name="platformSettings">The platform settings.</param> public AccessTokenProvider( IKeyVaultService keyVaultService, IAccessTokenGenerator accessTokenGenerator, IOptions <AccessTokenSettings> accessTokenSettings, IOptions <KeyVaultSettings> keyVaultSettings, IOptions <PlatformSettings> platformSettings) { _keyVaultService = keyVaultService; _accessTokenGenerator = accessTokenGenerator; _platformSettings = platformSettings.Value; _accessTokenSettings = accessTokenSettings.Value; _keyVaultSettings = keyVaultSettings.Value; }
public void AssertVault_SettingsClassFromConfiguration() { KeyVaultConfigurationElement element = KeyVaultConfigurationSection.Instance.Vaults["TestVault"]; KeyVaultSettings settings = new KeyVaultSettings(element); WhiteStrike.KeyVaultConnector.Model.KeyVaultConfigurationSettings config = settings.kvConfiguration; Assert.AreEqual(element.Credential, config.ConnectingAccountCredential, "Credential is not consistent after translation to Connector settings"); Assert.AreEqual(element.AuthenticationUrl, config.AuthURL, "AuthenticationUrl is not consistent after translation to Connector settings"); Assert.AreEqual(element.Identity, config.ConnectingAccountIdentity, "Identity is not consistent after translation to Connector settings"); Assert.AreEqual(element.VaultUrl, config.VaultURL, "VaultUrl is not consistent after translation to Connector settings"); Assert.AreEqual(element.SecretPrefix, config.SecretPrefix, "SecretPrefix is not consistent after translation to Connector settings"); Assert.AreEqual(KeyVaultConnector.Authentication.AuthenticationType.Certificate, config.CredentialType, "CredentialType is not consistent after translation to Connector settings"); }
private X509Certificate2 GetTokenCertificate() { if (string.IsNullOrEmpty(keyVaultSettings.ClientId) || string.IsNullOrEmpty(keyVaultSettings.ClientSecret)) { return(new X509Certificate2(certSettings.CertificatePath, certSettings.CertificatePwd)); } KeyVaultClient client = KeyVaultSettings.GetClient(keyVaultSettings.ClientId, keyVaultSettings.ClientSecret); CertificateBundle certificate = client.GetCertificateAsync(keyVaultSettings.SecretUri, certSettings.CertificateName).GetAwaiter().GetResult(); SecretBundle secret = client.GetSecretAsync(certificate.SecretIdentifier.Identifier).GetAwaiter().GetResult(); byte[] pfxBytes = Convert.FromBase64String(secret.Value); return(new X509Certificate2(pfxBytes)); }
public StartupManager( Server grpcServer, KeyVaultSettings keyVaultSettings, IEncryptionService encryptionService, ICqrsEngine cqrsEngine, ILogFactory logFactory ) { _grpcServer = grpcServer; _keyVaultSettings = keyVaultSettings; _encryptionService = encryptionService; _cqrsEngine = cqrsEngine; _log = logFactory.CreateLog(this); }
/// <summary> /// Initializes a new instance of the <see cref="ValidateSubscriptionService"/> class. /// </summary> public ValidateSubscriptionService( HttpClient httpClient, IAccessTokenGenerator accessTokenGenerator, IKeyVaultService keyVaultService, IOptions <PlatformSettings> eventsConfig, IOptions <KeyVaultSettings> keyVaultSettings, ILogger <IPushEventsService> logger) { _platformSettings = eventsConfig.Value; _keyVaultSettings = keyVaultSettings.Value; httpClient.BaseAddress = new Uri(_platformSettings.ApiEventsEndpoint); _client = httpClient; _accessTokenGenerator = accessTokenGenerator; _keyVaultService = keyVaultService; _logger = logger; }
public static IHostBuilder CreateHostBuilder(string[] args) => Host.CreateDefaultBuilder(args) .ConfigureAppConfiguration((context, config) => { var kvSettings = new KeyVaultSettings(); config.Build().GetSection("KeyVault").Bind(kvSettings); if (kvSettings.Enabled) { config.AddAzureKeyVault(kvSettings.Uri, kvSettings.ClientId, kvSettings.ClientSecret); } }) .ConfigureWebHostDefaults(webBuilder => { webBuilder.UseKestrel(options => options.AddServerHeader = false); webBuilder.UseStartup <Startup>(); });
private static void ConfigureSettings(HostBuilderContext hostContext, IServiceCollection services) { var storageSettings = new StorageSettings(); var appSettings = new AppSettings(); var keyVaultSettings = new KeyVaultSettings(); hostContext.Configuration.GetSection(nameof(StorageSettings)).Bind(storageSettings); hostContext.Configuration.GetSection(nameof(AppSettings)).Bind(appSettings); hostContext.Configuration.GetSection(nameof(KeyVaultSettings)).Bind(keyVaultSettings); LoadSecretSettings(storageSettings, appSettings, keyVaultSettings) .GetAwaiter() .GetResult(); services.AddSingleton(storageSettings); services.AddSingleton(appSettings); }
private async Task <List <X509Certificate2> > GetAllCertificateVersions(string keyVaultUrl, string certificateName) { List <X509Certificate2> certificates = new List <X509Certificate2>(); KeyVaultClient client = KeyVaultSettings.GetClient(_keyVaultSettings.ClientId, _keyVaultSettings.ClientSecret); // Get the first page of certificates IPage <CertificateItem> certificateItemsPage = await client.GetCertificateVersionsAsync(keyVaultUrl, certificateName); while (true) { foreach (var certificateItem in certificateItemsPage) { // Ignore disabled or expired certificates if (certificateItem.Attributes.Enabled == true && (certificateItem.Attributes.Expires == null || certificateItem.Attributes.Expires > DateTime.UtcNow)) { CertificateBundle certificateVersionBundle = await client.GetCertificateAsync(certificateItem.Identifier.Identifier); SecretBundle certificatePrivateKeySecretBundle = await client.GetSecretAsync(certificateVersionBundle.SecretIdentifier.Identifier); byte[] privateKeyBytes = Convert.FromBase64String(certificatePrivateKeySecretBundle.Value); X509Certificate2 certificateWithPrivateKey = new X509Certificate2(privateKeyBytes); certificates.Add(certificateWithPrivateKey); } } if (certificateItemsPage.NextPageLink == null) { break; } certificateItemsPage = await client.GetCertificateVersionsNextAsync(certificateItemsPage.NextPageLink); } return(certificates); }
/// <summary> /// Obtain the <see cref="SigningCredentials"/> to be used when signing a new JSON Web Token. /// </summary> /// <param name="keyVaultSettings">Settings that can be used to access a key vault with the signing certificate.</param> /// <param name="certificateSettings">Settings to identify a certificate stored on the file system.</param> /// <returns>The <see cref="SigningCredentials"/>.</returns> public static async Task <SigningCredentials> GetSigningCredentials(KeyVaultSettings keyVaultSettings, CertificateSettings certificateSettings) { await Semaphore.WaitAsync(); try { if (_signingCredentialsUpdateTime > DateTime.Now && _signingCredentials != null) { return(_signingCredentials); } X509Certificate2 cert; if (string.IsNullOrEmpty(keyVaultSettings.ClientId) || string.IsNullOrEmpty(keyVaultSettings.ClientSecret)) { cert = new X509Certificate2(certificateSettings.CertificatePath, certificateSettings.CertificatePwd); } else { KeyVaultClient client = KeyVaultSettings.GetClient(keyVaultSettings.ClientId, keyVaultSettings.ClientSecret); CertificateBundle certificate = await client.GetCertificateAsync(keyVaultSettings.SecretUri, certificateSettings.CertificateName); SecretBundle secret = await client.GetSecretAsync(certificate.SecretIdentifier.Identifier); byte[] pfxBytes = Convert.FromBase64String(secret.Value); cert = new X509Certificate2(pfxBytes); } _signingCredentials = new X509SigningCredentials(cert, SecurityAlgorithms.RsaSha256); // Reuse the same SigningCredentials for 30 minutes _signingCredentialsUpdateTime = DateTime.Now.AddMinutes(30); return(_signingCredentials); } finally { Semaphore.Release(); } }
/// <inheritdoc /> public async Task <List <X509Certificate2> > GetCertificates() { await _semaphore.WaitAsync(); try { if (_certificateUpdateTime > DateTime.Now && _certificates != null) { return(_certificates); } _certificates = new List <X509Certificate2>(); if (string.IsNullOrEmpty(_keyVaultSettings.ClientId) || string.IsNullOrEmpty(_keyVaultSettings.ClientSecret)) { _certificates.Add(new X509Certificate2(_certificateSettings.CertificatePath, _certificateSettings.CertificatePwd)); } else { KeyVaultClient client = KeyVaultSettings.GetClient(_keyVaultSettings.ClientId, _keyVaultSettings.ClientSecret); CertificateBundle certificate = await client.GetCertificateAsync(_keyVaultSettings.SecretUri, _certificateSettings.CertificateName); SecretBundle secret = await client.GetSecretAsync(certificate.SecretIdentifier.Identifier); byte[] pfxBytes = Convert.FromBase64String(secret.Value); _certificates.Add(new X509Certificate2(pfxBytes)); } // Reuse the same list of certificates for 30 minutes. _certificateUpdateTime = DateTime.Now.AddMinutes(30); return(_certificates); } finally { _semaphore.Release(); } }
public static IWebHostBuilder UseCustomConfiguration(this IWebHostBuilder host) { host.ConfigureAppConfiguration((hostingContext, config) => { config .AddJsonFile("appsettings.json", optional: false) .AddEnvironmentVariables(ConfigPrefix); var tmpConfig = config.Build(); var keyVault = new KeyVaultSettings(tmpConfig); if (keyVault.Enabled) { config .AddAzureKeyVault( keyVault.Vault, keyVault.ClientId, keyVault.ClientSecret, new KeyVaultManager(ConfigPrefix)); } }); return(host); }
/// <summary> /// Get the correct certificate from the keyvault /// </summary> /// <param name="issuer">The org or platform identificator</param> /// <returns>returns a cert</returns> private async Task <X509Certificate2> GetSigningCertFromKeyVault(string issuer) { string cacheKey = $"cert-access-token-{issuer}"; if (!_memoryCache.TryGetValue(cacheKey, out X509Certificate2 cert)) { // Key not in cache, set getting the secret from KeyVault string secretName = $"{issuer}-access-token-public-cert"; KeyVaultClient client = KeyVaultSettings.GetClient(_keyVaultSettings.ClientId, _keyVaultSettings.ClientSecret); SecretBundle secret = await client.GetSecretAsync(_keyVaultSettings.SecretUri, secretName); byte[] certBytes = Convert.FromBase64String(secret.Value); cert = new X509Certificate2(certBytes); // Set the cache options MemoryCacheEntryOptions cacheEntryOptions = new MemoryCacheEntryOptions() .SetPriority(CacheItemPriority.High) .SetAbsoluteExpiration(new TimeSpan(0, 0, _accessTokenSettings.CacheCertLifetimeInSeconds)); _memoryCache.Set(cacheKey, cert, cacheEntryOptions); } return(cert); }
public static IServiceCollection AddDataProtection(this IServiceCollection services, IConfiguration configuration) { var protectionSettings = new DataProtectionSettings(configuration); if (protectionSettings.Enabled) { var protection = services .AddDataProtection() .PersistKeysToAzureBlobStorage(protectionSettings.BlobUriWithSas); var vaultSettings = new KeyVaultSettings(configuration); if (vaultSettings.Enabled) { protection.ProtectKeysWithAzureKeyVault( protectionSettings.VaultKeyIdentifier, vaultSettings.ClientId, vaultSettings.ClientSecret); } return(protection.Services); } return(services); }
/// <summary> /// Initialise a new instance of <see cref="OpenIdController"/> with the given input values. /// </summary> /// <param name="generalSettings">The application general settings.</param> /// <param name="certSettings">The settings section for certificate information.</param> /// <param name="keyVaultSettings">The settings section for the platform key vault.</param> public OpenIdController(IOptions <GeneralSettings> generalSettings, IOptions <CertificateSettings> certSettings, IOptions <KeyVaultSettings> keyVaultSettings) { this.generalSettings = generalSettings.Value; this.certSettings = certSettings.Value; this.keyVaultSettings = keyVaultSettings.Value; }
private static IKeyVaultSecretClientFactory InitializeSecretClientInstance(IConfiguration configuration, KeyVaultSettings keyVaultSettings) { TokenCredential credential = new DefaultAzureCredential(); #if DEBUG credential = new ClientSecretCredential(keyVaultSettings.AzureTenantId, keyVaultSettings.AzureApplicationClientId, keyVaultSettings.AzureApplicationClientSecret); #endif var secretClient = new SecretClient(new Uri(keyVaultSettings.KeyVaultUrl), credential); return(new KeyVaultSecretClientFactory(secretClient)); }
// This method gets called by the runtime. Use this method to add services to the container. // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940 public void ConfigureServices(IServiceCollection services) { var cfgBuilder = new ConfigurationBuilder() .SetBasePath(Directory.GetCurrentDirectory()) .AddJsonFile($"appsettings.json", true, true) .AddJsonFile($"appsettings.dev.json", true, true) .AddJsonFile($"local.settings.json", true, true) .AddEnvironmentVariables(); var configuration = cfgBuilder.Build(); var stravaSettings = new StravaSettings(); configuration.GetSection("strava").Bind(stravaSettings); var logSettings = new LogSettings(); configuration.GetSection("logging").Bind(logSettings); var apiSettings = new CotacolApiSettings(); configuration.GetSection("api").Bind(apiSettings); var kvSettings = new KeyVaultSettings(); configuration.GetSection("keyvault").Bind(kvSettings); services.AddDbContext <ApplicationDbContext>(options => options.UseSqlite( Configuration.GetConnectionString("DefaultConnection"))); services.AddDefaultIdentity <CotacolUser>(options => { options.SignIn.RequireConfirmedAccount = false; options.SignIn.RequireConfirmedEmail = false; options.SignIn.RequireConfirmedPhoneNumber = false; }) .AddEntityFrameworkStores <ApplicationDbContext>(); services.AddRazorPages(); services.AddServerSideBlazor().AddHubOptions(config => config.MaximumReceiveMessageSize = 1048576); if (!string.IsNullOrEmpty(kvSettings?.KeySasBlobUri)) { services.AddDataProtection() // .PersistKeysToFileSystem(new DirectoryInfo("/Users/samvanhoutte/Temp/bbb/ee")); .PersistKeysToAzureBlobStorage(new Uri($"{kvSettings.KeySasBlobUri}")) .ProtectKeysWithAzureKeyVault(new Uri(kvSettings.KeyKeyvaultUri), new DefaultAzureCredential()); // .PersistKeysToFileSystem(new DirectoryInfo(Configuration["KeyPersistenceLocation"])); } // Strava authentication services.AddAuthentication(options => { //options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme; //options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = "Strava"; }) .AddCookie() .AddOAuth("Strava", "Strava", options => { options.ClientId = stravaSettings.ClientId; options.ClientSecret = stravaSettings.ClientOauthSecret; options.CallbackPath = "/stravalogin"; //"/signin-strava"; options.SaveTokens = true; // Save the auth/refresh token for later retrieval options.SignInScheme = IdentityConstants.ExternalScheme; options.AuthorizationEndpoint = "https://www.strava.com/oauth/authorize"; options.TokenEndpoint = stravaSettings.AccessTokenUrl; options.UserInformationEndpoint = "https://www.strava.com/api/v3/athlete"; options.Scope.Clear(); options.Scope.Add( "read,read_all,activity:read_all,activity:read,activity:write,profile:write"); options.Events = new OAuthEvents { OnCreatingTicket = async context => { var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken); var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted); response.EnsureSuccessStatusCode(); var claimsJson = await response.Content.ReadAsStringAsync(); //context.RunClaimActions(user.RootElement); var userSettings = context.AddClaims(claimsJson); } }; options.Validate(); }); services.AddHttpContextAccessor(); // Dependency injection services .AddScoped <AuthenticationStateProvider, RevalidatingIdentityAuthenticationStateProvider <CotacolUser> >(); services.AddDatabaseDeveloperPageExceptionFilter(); services.AddOptions(); services.AddLogging(loggingbuilder => { loggingbuilder.ClearProvidersExceptFunctionProviders(); if (!string.IsNullOrEmpty(logSettings.ApplicationInsightsInstrumentationKey)) { loggingbuilder.AddSerilog( CreateLogConfiguration(logSettings.ApplicationInsightsInstrumentationKey)); } }); services.AddScoped <IUserProfileManager, CotacolProfileManager>(); services.AddSingleton <WeatherForecastService>(); services.AddSingleton <ICotacolClient, CotacolApiClient>(); services.AddSingleton <ICotacolUserClient, CotacolApiUserClient>(); services.AddSingleton <ISecretReader, KeyVaultReader>(); services.AddMatBlazor(); services .Configure <CotacolApiSettings>(options => configuration.GetSection("api").Bind(options)) .Configure <StravaSettings>(options => configuration.GetSection("strava").Bind(options)) .Configure <KeyVaultSettings>(options => configuration.GetSection("keyvault").Bind(options)); // Inject HttpClient, required by MatBlazor components if (services.All(x => x.ServiceType != typeof(HttpClient))) { services.AddScoped( s => { var navigationManager = s.GetRequiredService <NavigationManager>(); return(new HttpClient { BaseAddress = new Uri(navigationManager.BaseUri) }); }); } }
public KeyVaultTaskSettings(KeyVaultSettings keyVaultSettings) { ClientId = keyVaultSettings.ClientId; ClientSecret = keyVaultSettings.Secret; VaultBaseUrl = keyVaultSettings.BaseUrl; }
/// <summary> /// Default constructor /// </summary> /// <param name="keyVaultSettings">The keyvault settings</param> /// <param name="accessTokenSettings">Settings for access token</param> /// <param name="memoryCache">Memory cache</param> public SigningKeysResolver(IOptions <KeyVaultSettings> keyVaultSettings, IOptions <AccessTokenSettings> accessTokenSettings, IMemoryCache memoryCache) { _accessTokenSettings = accessTokenSettings.Value; _keyVaultSettings = keyVaultSettings.Value; _memoryCache = memoryCache; }
public KeyVaultModule( IReloadingManager <AppSettings> appSettings) { _keyVaultSettings = appSettings.CurrentValue.QuorumTransactionSignerService.KeyVault; }
public void ConfigureServices(IServiceCollection services) { ConfigureSession(services); services.AddMvc(); ILuisSettings luisSettings = new LuisSettings(Configuration.GetSection("Luis")); services.AddSingleton(luisSettings); IBingSettings bingSettings = new BingSettings(Configuration.GetSection("Bing")); services.AddSingleton(bingSettings); IShareSettings shareSettings = new ShareSettings(Configuration.GetSection("Share")); services.AddSingleton(shareSettings); IKeyVaultSettings keyVaultSettings = new KeyVaultSettings(Configuration.GetSection("KeyVault")); services.AddSingleton(keyVaultSettings); IAdminSettings adminSettings = new AdminSettings(Configuration.GetSection("Admin")); services.AddSingleton(adminSettings); IOnboardingInfoSettings onboardingInfoSettings = new OnboardingInfoSettings(Configuration.GetSection("EmailService"), Configuration.GetSection("KeyVault")); services.AddSingleton(onboardingInfoSettings); IQnAMakerSettings qnAMakerSettings = new QnAMakerSettings(Configuration.GetSection("QnAMaker")); services.AddSingleton(qnAMakerSettings); services.AddSingleton <ILuisProxy, LuisProxy>(); services.AddSingleton <ILuisBusinessLogic, LuisBusinessLogic>(); services.AddSingleton <ITopicsResourcesBusinessLogic, TopicsResourcesBusinessLogic>(); services.AddSingleton <IWebSearchBusinessLogic, WebSearchBusinessLogic>(); services.AddSingleton <ICuratedExperienceConvertor, A2JAuthorBusinessLogic>(); services.AddSingleton <ICuratedExperienceBusinessLogic, CuratedExperienceBuisnessLogic>(); services.AddTransient <IHttpClientService, HttpClientService>(); services.AddSingleton <IUserProfileBusinessLogic, UserProfileBusinessLogic>(); services.AddSingleton <IPersonalizedPlanBusinessLogic, PersonalizedPlanBusinessLogic>(); services.AddSingleton <IStaticResourceBusinessLogic, StaticResourceBusinessLogic>(); services.AddSingleton <IShareBusinessLogic, ShareBusinessLogic>(); services.AddSingleton <ICuratedExperienceConvertor, A2JAuthorBusinessLogic>(); services.AddSingleton <IPersonalizedPlanEngine, PersonalizedPlanEngine>(); services.AddSingleton <IA2JAuthorLogicParser, LogicParser>(); services.AddSingleton <IA2JAuthorLogicInterpreter, LogicInterpreter>(); services.AddSingleton <IPersonalizedPlanViewModelMapper, PersonalizedPlanViewModelMapper>(); services.AddSingleton <IUserRoleBusinessLogic, UserRoleBusinessLogic>(); services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services.AddSingleton <ISessionManager, SessionManager>(); services.AddSingleton <IAdminBusinessLogic, AdminBusinessLogic>(); services.AddSingleton <IStateProvinceBusinessLogic, StateProvinceBusinessLogic>(); services.AddSingleton <IOnboardingInfoBusinessLogic, OnboardingInfoBusinessLogic>(); services.AddSingleton <IQnABotBusinessLogic, QnABotBusinessLogic>(); services.AddAuthentication(sharedOptions => { sharedOptions.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; }).AddAzureAdBearer(options => Configuration.Bind("AzureAd", options)); services.AddAuthorization(options => { options.DefaultPolicy = new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser() .Build(); }); ConfigureCosmosDb(services); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new Info { Title = "Access2Justice API", Version = "1.0.0", Description = "List of all APIs for Access2Justice", TermsOfService = "None" }); c.TagActionsBy(api => api.GroupName); c.DescribeAllEnumsAsStrings(); c.OrderActionsBy((apiDesc) => $"{apiDesc.RelativePath}_{apiDesc.HttpMethod}"); c.OperationFilter <FileUploadOperation>(); //Register File Upload Operation Filter c.OperationFilter <FileUploadOperationResource>(); c.CustomSchemaIds(x => x.FullName); var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml"; var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile); c.IncludeXmlComments(xmlPath); }); }
public static KeyVaultTaskSettings Set(this KeyVaultTaskSettings keyVaultTaskSettings, KeyVaultSettings settings) { keyVaultTaskSettings = keyVaultTaskSettings.NewInstance(); keyVaultTaskSettings.ClientId = settings.ClientId; keyVaultTaskSettings.ClientSecret = settings.Secret; keyVaultTaskSettings.VaultBaseUrl = settings.BaseUrl; return(keyVaultTaskSettings); }