Exemple #1
0
        /// <summary>
        /// Adds data protection services
        /// </summary>
        /// <param name="services">Collection of service descriptors</param>
        public static void AddNopDataProtection(this IServiceCollection services)
        {
            //check whether to persist data protection in Redis
            var appSettings = services.BuildServiceProvider().GetRequiredService <AppSettings>();

            if (appSettings.RedisConfig.Enabled && appSettings.RedisConfig.StoreDataProtectionKeys)
            {
                //store keys in Redis
                services.AddDataProtection().PersistKeysToStackExchangeRedis(() =>
                {
                    //For some reason, data protection services are registered earlier. This configuration is called even before the request queue starts.
                    //Service provider has not yet been built and we cannot get the required service.
                    //So we create a new instance of RedisConnectionWrapper() bypassing the DI.
                    var redisConnectionWrapper = new RedisConnectionWrapper(appSettings);
                    return(redisConnectionWrapper.GetDatabase(appSettings.RedisConfig.DatabaseId ?? (int)RedisDatabaseNumber.DataProtectionKeys));
                }, NopDataProtectionDefaults.RedisDataProtectionKey);
            }
            else if (appSettings.AzureBlobConfig.Enabled && appSettings.AzureBlobConfig.StoreDataProtectionKeys)
            {
                var cloudStorageAccount = CloudStorageAccount.Parse(appSettings.AzureBlobConfig.ConnectionString);

                var client    = cloudStorageAccount.CreateCloudBlobClient();
                var container = client.GetContainerReference(appSettings.AzureBlobConfig.DataProtectionKeysContainerName);

                var dataProtectionBuilder = services.AddDataProtection().PersistKeysToAzureBlobStorage(container, NopDataProtectionDefaults.AzureDataProtectionKeyFile);

                if (!appSettings.AzureBlobConfig.DataProtectionKeysEncryptWithVault)
                {
                    return;
                }

                var tokenProvider  = new AzureServiceTokenProvider();
                var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(tokenProvider.KeyVaultTokenCallback));

                dataProtectionBuilder.ProtectKeysWithAzureKeyVault(keyVaultClient, appSettings.AzureBlobConfig.DataProtectionKeysVaultId);
            }
            else
            {
                var dataProtectionKeysPath   = CommonHelper.DefaultFileProvider.MapPath(NopDataProtectionDefaults.DataProtectionKeysPath);
                var dataProtectionKeysFolder = new System.IO.DirectoryInfo(dataProtectionKeysPath);

                //configure the data protection system to persist keys to the specified directory
                services.AddDataProtection().PersistKeysToFileSystem(dataProtectionKeysFolder);
            }
        }