private static JwtAuthTicketFormat createAuthTicketFormat(IHostEnvironment hostEnv, IDataProtectionProvider?dataProtectionProvider, IConfiguration config)
{
var xtiAuthOptions = config.GetSection(XtiAuthenticationOptions.XtiAuthentication).Get <XtiAuthenticationOptions>();
var key = Encoding.ASCII.GetBytes(xtiAuthOptions.JwtSecret);
var dataSerializer = new TicketSerializer();
if (dataProtectionProvider == null)
{
var xtiFolder = new XtiFolder(hostEnv);
var keyDirPath = xtiFolder.SharedAppDataFolder()
.WithSubFolder("Keys")
.Path();
dataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(keyDirPath));
}
var dataProtector = dataProtectionProvider.CreateProtector(new[] { "XTI_Apps_Auth1" });
var authTicketFormat = new JwtAuthTicketFormat
(
new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
},
dataSerializer,
dataProtector
);
return(authTicketFormat);
}
internal SharedFileSecretCredentials(XtiFolder xtiFolder, string key, IDataProtector dataProtector)
: base(key, dataProtector)
{
sharedAppDataFolder = xtiFolder
.SharedAppDataFolder()
.WithSubFolder("Secrets");
}
public static void AddXtiDataProtection(this IServiceCollection services, XtiEnvironment environment)
{
const string appName = "XTI_App";
var keyDirPath = new XtiFolder(environment)
.SharedAppDataFolder()
.WithSubFolder("Keys")
.Path();
services
.AddDataProtection
(
options => options.ApplicationDiscriminator = appName
)
.PersistKeysToFileSystem(new DirectoryInfo(keyDirPath))
.SetApplicationName(appName);
}
public static void AddFileSecretCredentials(this IServiceCollection services, XtiEnvironment environment)
{
services.AddXtiDataProtection(environment);
services.AddSingleton <ISecretCredentialsFactory>(sp =>
{
var xtiFolder = new XtiFolder(environment);
var dataProtector = sp.GetDataProtector(new[] { "XTI_Secrets" });
return(new FileSecretCredentialsFactory(xtiFolder, dataProtector));
});
services.AddSingleton(sp => (SecretCredentialsFactory)sp.GetRequiredService <ISecretCredentialsFactory>());
services.AddSingleton <ISharedSecretCredentialsFactory>(sp =>
{
var xtiFolder = new XtiFolder(environment);
var dataProtector = sp.GetDataProtector(new[] { "XTI_Secrets" });
return(new SharedFileSecretCredentialsFactory(xtiFolder, dataProtector));
});
}
public static IConfigurationBuilder UseXtiConfiguration(this IConfigurationBuilder config, XtiEnvironment environment, string appName, string appType, string[] args)
{
config.Sources.Clear();
var xtiFolder = new XtiFolder(environment);
var settingsPaths = xtiFolder.SettingsPaths(appName, appType);
foreach (var path in settingsPaths)
{
config.AddJsonFile
(
path,
optional: true,
reloadOnChange: true
);
}
config.AddEnvironmentVariables();
if (args != null)
{
config.AddCommandLine(args);
}
return(config);
}
public FileSecretCredentialsFactory(XtiFolder xtiFolder, IDataProtector dataProtector)
: base(dataProtector)
{
this.xtiFolder = xtiFolder;
}
