public static ILetsEncryptBuilder ConfigureCertificateWithFileStore(
this ILetsEncryptBuilder builder,
string section = "LetsEncrypt:Certificate",
string?rootPath = null,
Action <CertificateOptions, IServiceProvider>?configure = null)
{
builder.Services
.AddOptions <FileCertificateStoreOptions>(builder.Name)
.Configure(options =>
{
if (string.IsNullOrEmpty(rootPath))
{
options.RootPath = Path.Combine(
GetFolderPath(SpecialFolder.UserProfile, SpecialFolderOption.DoNotVerify),
".acme");
}
else
{
options.RootPath = rootPath;
}
options.NamedOption = builder.Name;
options.Configured = true;
});
builder.Services.AddChangeTokenOptions(section, builder.Name, configure);
return(builder);
}
public static ILetsEncryptBuilder ConfigureAcmeAccountWitAzureStorageStore(
this ILetsEncryptBuilder builder,
string section = "LetsEncrypt:AcmeAccount",
string blobSection = "AcmeAccount",
string blobRootSection = "LetsEncrypt:StorageBlobs",
Action <AcmeAccountOptions, IServiceProvider>?configure = null,
Action <StorageBlobOptions>?storageConfigure = null)
{
builder.Services
.AddAzureStorageAccount("letsencrypt")
.AddAzureBlobContainer($"{builder.Name}-account", blobSection, blobRootSection, storageConfigure);
builder.Services
.AddOptions <AzureAcmeAccountStoreOptions>(builder.Name)
.Configure(options =>
{
options.NamedOption = builder.Name;
options.Configured = true;
});
builder.Services.AddChangeTokenOptions <AcmeAccountOptions>(
section,
builder.Name,
(options, sp) =>
{
configure?.Invoke(options, sp);
options.AccountStore = sp.GetServices <IAcmeAccountStore>().First(x => x is AzureAcmeAccountStore);
});
return(builder);
}
public static ILetsEncryptBuilder AddInMemoryProvider(this ILetsEncryptBuilder builder)
{
if (!builder.Services.Any(x => x.ServiceType == typeof(IChallengeStore)))
{
builder.Services.AddSingleton <IChallengeStore, ChallengeStore>();
builder.Services.AddSingleton <IChallengeStoreProvider, InMemoryChallengeStoreProvider>();
}
if (!builder.Services.Any(x => x.ServiceType == typeof(ICertificateStore)))
{
builder.Services.AddSingleton <ICertificateStore, CertificateStore>();
builder.Services.AddSingleton <ICertificateStoreProvider, InMemoryCertificateStoreProvider>();
}
return(builder);
}
public static ILetsEncryptBuilder AddHttpChallengeResponse(this ILetsEncryptBuilder builder)
{
builder.Services.AddLogging();
builder.Services.AddSingleton <HttpChallenge>();
builder.Services
.AddOptions <KestrelServerOptions>()
.Configure <KestrelCertificateSelector>((options, certificateSelector) =>
{
options.ConfigureHttpsDefaults(o => o.ServerCertificateSelector = certificateSelector.Select);
});
builder.Services
.AddSingleton <DevelopmentCertificate>()
.AddSingleton(sp =>
{
var validator = sp.GetRequiredService <ICertificateValidator>();
return(new KestrelCertificateSelector(builder.Name, validator));
});
builder.Services.Add(ServiceDescriptor.Describe(
typeof(IHostedService),
sp => new StartupCertificateLoader(builder.Name, sp),
ServiceLifetime.Singleton));
builder.Services
.AddSingleton <IStartupFilter, HttpChallengeStartupFilter>();
builder.Services
.AddOptions <HttpChallengeResponseOptions>(string.Empty) // TODO: figure out how to tie it to builder.Name
.Configure <IServiceProvider>((options, sp) =>
{
options.ChallengeStore = sp.GetServices <IAcmeChallengeStore>().First(x => x is InMemoryChallengeStore);
});
builder.Services.AddSchedulerJob <AcmeRenewalJob, AcmeRenewalJobOptions>(sectionName: "LetsEncrypt");
return(builder);
}
public static ILetsEncryptBuilder AddDnsChallengeResponse(
this ILetsEncryptBuilder builder,
string section = "LetsEncrypt:AzureAuthentication",
Action <AzureAuthenticationOptions>?configure = null)
{
builder.Services.AddScoped((sp) => new LookupClient(new LookupClientOptions {
UseCache = false
}));
builder.Services.AddScoped <AzureDnsChallenge>();
builder.Services
.AddOptions <AzureAuthenticationOptions>(builder.Name)
.Configure <IConfiguration>((options, configuration) =>
{
configuration.Bind(section, options);
configure?.Invoke(options);
});
return(builder);
}
public static ILetsEncryptBuilder ConfigureAcmeOrderWithInMemoryStore(
this ILetsEncryptBuilder builder,
string section = "LetsEncrypt:AcmeOrder",
Action <AcmeOrderOptions, IServiceProvider>?configure = null)
{
builder.Services
.AddOptions <ChallengeStoreOptions>(builder.Name)
.Configure(options =>
{
options.Configured = true;
});
builder.Services.AddChangeTokenOptions <AcmeOrderOptions>(
section,
builder.Name,
(options, sp) =>
{
configure?.Invoke(options, sp);
options.ChallengesStore = sp.GetServices <IAcmeChallengeStore>().First(x => x is InMemoryChallengeStore);
});
return(builder);
}
public static ILetsEncryptBuilder ConfigureAcmeOrderWithFileStore(
this ILetsEncryptBuilder builder,
string section = "LetsEncrypt:AcmeOrder",
string?rootPath = null,
Action <AcmeOrderOptions, IServiceProvider>?configure = null)
{
builder.Services
.AddOptions <FileChallengeStoreOptions>(builder.Name)
.Configure(options =>
{
if (string.IsNullOrEmpty(rootPath))
{
options.RootPath = Path.Combine(
GetFolderPath(SpecialFolder.UserProfile, SpecialFolderOption.DoNotVerify),
".acme",
"challenges");
}
else
{
options.RootPath = rootPath;
}
options.Configured = true;
});
builder.Services.AddChangeTokenOptions <AcmeOrderOptions>(
section,
builder.Name,
(options, sp) =>
{
configure?.Invoke(options, sp);
options.ChallengesStore = sp.GetServices <IAcmeChallengeStore>().First(x => x is FileChallengeStore);
});
return(builder);
}
public static ILetsEncryptBuilder ConfigureCertificateWithAzureStorageStore(
this ILetsEncryptBuilder builder,
string section = "LetsEncrypt:Certificate",
string blobSection = "Certificates",
string blobRootSection = "LetsEncrypt:StorageBlobs",
Action <CertificateOptions, IServiceProvider>?configure = null,
Action <StorageBlobOptions>?storageConfigure = null)
{
builder.Services
.AddAzureStorageAccount("letsencrypt")
.AddAzureBlobContainer($"{builder.Name}-cert", blobSection, blobRootSection, storageConfigure);
builder.Services
.AddOptions <AzureCertificateStoreOptions>(builder.Name)
.Configure(options =>
{
options.NamedOption = builder.Name;
options.Configured = true;
});
builder.Services.AddChangeTokenOptions(section, builder.Name, configure);
return(builder);
}
