/// <summary>
/// Registers the Vault-backed certificate store and the signing/validation key stores
/// that depend on it with the IdentityServer service collection.
/// </summary>
/// <param name="builder">The IdentityServer builder whose service collection receives the registrations.</param>
/// <param name="vaultOptions">
/// Vault connection and certificate-issuance settings (VaultUrl, VaultCertificate, RoleName, CommonName).
/// The same instance is registered as a singleton and captured by the factory lambdas below.
/// </param>
/// <returns>The same <paramref name="builder"/>, to allow call chaining.</returns>
public static IIdentityServerBuilder AddVaultCertificateStore(this IIdentityServerBuilder builder, VaultCertificateStoreOptions vaultOptions)
{
    var services = builder.Services;

    // The options object itself becomes resolvable by any component in the container.
    services.AddSingleton(vaultOptions);

    // NOTE(review): GetService returns null when no IVaultAuth has been registered, and that null
    // is handed straight to VaultClient. Confirm VaultClient rejects a missing auth method, or
    // consider GetRequiredService so a misconfigured host fails at resolution time.
    services.AddSingleton<IVaultClient>(provider =>
    {
        var auth = provider.GetService<IVaultAuth>();
        return new VaultClient(auth, vaultOptions.VaultUrl, vaultOptions.VaultCertificate);
    });

    services.AddSingleton<IVaultCertificateStore>(provider =>
    {
        var vaultClient = provider.GetService<IVaultClient>();
        return new VaultCertificateStore(
            vaultClient,
            vaultOptions.RoleName,
            vaultOptions.CommonName,
            provider.GetService<ILogger<VaultCertificateStore>>());
    });

    // Helpers used to work with the certificate and its RSA private key.
    services.AddSingleton<IX509Certificate2Helper, X509Certificate2Helper>();
    services.AddSingleton<IRSACryptoServiceProviderHelper, RsaCryptoServiceProviderHelper>();
    services.AddSingleton<IVaultCertificateService, VaultCertificateService>();

    // IdentityServer resolves its signing credential and validation keys through these two stores.
    services.AddSingleton<ISigningCredentialStore, VaultSigningCredentialStore>();
    services.AddSingleton<IValidationKeysStore, VaultValidationKeysStore>();

    return builder;
}
/// <summary>
/// Builds the Vault certificate service by hand, loads certificates once during configuration,
/// and registers the service and the Vault-backed signing key service on the options factory.
/// </summary>
/// <param name="options">IdentityServer options whose factory receives the registrations.</param>
/// <param name="vaultOptions">Vault settings (VaultUrl, VaultCertificate, RoleName, CommonName).</param>
/// <param name="vaultAuth">Authentication method passed to the Vault client.</param>
private static void AddVaultCertificateStore(this IdentityServerOptions options, VaultCertificateStoreOptions vaultOptions, IVaultAuth vaultAuth)
{
    // Not ideal, but a certificate has to be available at startup, so the object graph is
    // constructed manually here instead of being resolved from the container.
    var vaultClient = new VaultClient(vaultAuth, vaultOptions.VaultUrl, vaultOptions.VaultCertificate);

    // The three-argument constructor is used, so no logger is passed to this store instance.
    var store = new VaultCertificateStore(vaultClient, vaultOptions.RoleName, vaultOptions.CommonName);

    var service = new VaultCertificateService(
        options,
        store,
        new X509Certificate2Helper(),
        new RsaCryptoServiceProviderHelper());

    // Called synchronously and not wrapped in a try/catch: anything it throws propagates to the
    // caller of this method.
    // NOTE(review): presumably this contacts Vault; confirm that failing startup is the intended
    // outcome when Vault is unreachable or rejects the request.
    service.GetCertificates();

    // Register our dependencies: the pre-built service instance plus the signing key service type.
    options.Factory.Register(new Registration<IVaultCertificateService>(service));
    options.Factory.SigningKeyService = new Registration<ISigningKeyService, VaultTokenSigningKeyService>();
}