/// <summary>
/// Configured LettuceEncrypt on this HTTPS endpoint for Kestrel.
/// </summary>
/// <param name="httpsOptions">Kestrel's HTTPS configuration</param>
/// <param name="applicationServices"></param>
/// <returns>The original HTTPS options with some required settings added to it.</returns>
/// <exception cref="InvalidOperationException">
/// Raised if <see cref="LettuceEncryptServiceCollectionExtensions.AddLettuceEncrypt(Microsoft.Extensions.DependencyInjection.IServiceCollection)"/>
/// has not been used to add required services to the application service provider
/// </exception>
public static HttpsConnectionAdapterOptions UseLettuceEncrypt(
this HttpsConnectionAdapterOptions httpsOptions,
IServiceProvider applicationServices)
{
var selector = applicationServices.GetService <IServerCertificateSelector>();
if (selector is null)
{
throw new InvalidOperationException(MissingServicesMessage);
}
#if NETCOREAPP3_0
var tlsResponder = applicationServices.GetService <TlsAlpnChallengeResponder>();
if (tlsResponder is null)
{
throw new InvalidOperationException(MissingServicesMessage);
}
return(httpsOptions.UseLettuceEncrypt(selector, tlsResponder));
#elif NETSTANDARD2_0
return(httpsOptions.UseServerCertificateSelector(selector));
#else
#error Update TFMs
#endif
}
internal static HttpsConnectionAdapterOptions UseLettuceEncrypt(
this HttpsConnectionAdapterOptions httpsOptions,
IServerCertificateSelector selector,
TlsAlpnChallengeResponder tlsAlpnChallengeResponder
)
{
httpsOptions.OnAuthenticate = tlsAlpnChallengeResponder.OnSslAuthenticate;
httpsOptions.UseServerCertificateSelector(selector);
return(httpsOptions);
}
/// <summary>
/// Configured LettuceEncrypt on this HTTPS endpoint for Kestrel.
/// </summary>
/// <param name="httpsOptions">Kestrel's HTTPS configuration</param>
/// <param name="applicationServices"></param>
/// <returns>The original HTTPS options with some required settings added to it.</returns>
/// <exception cref="InvalidOperationException">
/// Raised if <see cref="LettuceEncryptServiceCollectionExtensions.AddLettuceEncrypt(Microsoft.Extensions.DependencyInjection.IServiceCollection)"/>
/// has not been used to add required services to the application service provider
/// </exception>
public static HttpsConnectionAdapterOptions UseLettuceEncrypt(
this HttpsConnectionAdapterOptions httpsOptions,
IServiceProvider applicationServices)
{
var selector = applicationServices.GetService <IServerCertificateSelector>();
if (selector is null)
{
throw new InvalidOperationException(MissingServicesMessage);
}
return(httpsOptions.UseServerCertificateSelector(selector));
}
internal static HttpsConnectionAdapterOptions UseLettuceEncrypt(
this HttpsConnectionAdapterOptions httpsOptions,
IServerCertificateSelector selector,
TlsAlpnChallengeResponder tlsAlpnChallengeResponder
)
{
// Check if this handler is already set. If so, chain our handler before it.
var otherHandler = httpsOptions.OnAuthenticate;
httpsOptions.OnAuthenticate = (ctx, options) =>
{
tlsAlpnChallengeResponder.OnSslAuthenticate(ctx, options);
otherHandler?.Invoke(ctx, options);
};
httpsOptions.UseServerCertificateSelector(selector);
return(httpsOptions);
}
