/// <summary>
/// Creates the service and stores the three collaborators it is given.
/// </summary>
/// <param name="httpClientFactory">Factory kept in <c>_httpClientFactory</c>.</param>
/// <param name="statusHandler">Handler kept in <c>_statusHandler</c>.</param>
/// <param name="bankIdServiceSettings">Settings kept in <c>_bankIdServiceSettings</c>.</param>
/// <remarks>
/// No argument is validated here; a null argument is stored as-is.
/// </remarks>
public BankIDHttpClientService(
    IHttpClientFactory httpClientFactory,
    IStatusHandler statusHandler,
    BankIDServiceSettings bankIdServiceSettings)
{
    (_httpClientFactory, _statusHandler, _bankIdServiceSettings) =
        (httpClientFactory, statusHandler, bankIdServiceSettings);
}
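/// <summary>
/// Configures this handler's transport settings: no automatic redirects,
/// gzip/deflate decompression, TLS 1.2 only, a custom server-certificate validator
/// built from the configured CA certificate, and the relying-party (RP) client
/// certificate.
/// </summary>
/// <param name="bankIdServiceSettings">
/// Supplies the certificate thumbprints (Azure hosting) or the certificate data
/// (any other hosting).
/// </param>
/// <param name="telemetryClient">
/// Receives a trace for each certificate that was, or was not, found in the store.
/// </param>
/// <remarks>
/// The certificate source is chosen by the <c>ASPNETCORE_HOSTING</c> environment
/// variable: the exact value <c>Azure</c> selects the CurrentUser\My certificate
/// store, anything else (including unset) selects the local branch.
/// </remarks>
public BankIDHttpClientHandler(BankIDServiceSettings bankIdServiceSettings, TelemetryClient telemetryClient)
{
    _telemetryClient = telemetryClient;
    _bankIdServiceSettings = bankIdServiceSettings;

    // A redirect response is returned to the caller instead of being followed.
    AllowAutoRedirect = false;
    AutomaticDecompression = DecompressionMethods.Deflate | DecompressionMethods.GZip;

    // Only TLS 1.2 is enabled; a peer offering only other versions cannot connect.
    SslProtocols = SslProtocols.Tls12;

    // Hosting dependent config
    var hosting = Environment.GetEnvironmentVariable("ASPNETCORE_HOSTING");
    if (string.Equals(hosting, "Azure", StringComparison.Ordinal))
    {
        // https://docs.microsoft.com/en-us/azure/app-service/app-service-web-ssl-cert-load
        // The using block closes the store even when a lookup below throws.
        using (var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            certStore.Open(OpenFlags.ReadOnly);

            // validOnly is false in both lookups: the thumbprint is the only
            // selection criterion, so an expired or untrusted certificate with a
            // matching thumbprint is still returned.
            X509Certificate2Collection caMatches = certStore.Certificates.Find(
                X509FindType.FindByThumbprint,
                _bankIdServiceSettings.CaCertThumbprint,
                false);

            if (caMatches.Count > 0)
            {
                X509Certificate2 caCert = caMatches[0];

                // RootCaValidator is defined elsewhere; presumably it accepts only
                // chains ending in caCert. Confirm against its implementation.
                ServerCertificateCustomValidationCallback = new RootCaValidator(caCert).Validate;
                _telemetryClient.TrackTrace($"Loaded CA Cert {caCert.SubjectName?.Name}, {caCert.Thumbprint}", SeverityLevel.Information);
            }
            else
            {
                // NOTE(review): construction continues without the custom validator,
                // so server certificates are then checked by the handler's default
                // validation rather than against the configured root. The Critical
                // trace is the only signal; alert on it.
                _telemetryClient.TrackTrace($"Could not load CA Cert", SeverityLevel.Critical);
            }

            X509Certificate2Collection rpMatches = certStore.Certificates.Find(
                X509FindType.FindByThumbprint,
                _bankIdServiceSettings.RpCertThumbprint,
                false);

            if (rpMatches.Count > 0)
            {
                X509Certificate2 rpCert = rpMatches[0];
                ClientCertificates.Add(rpCert);
                _telemetryClient.TrackTrace($"Loaded RP Cert {rpCert.SubjectName?.Name}, {rpCert.Thumbprint}", SeverityLevel.Information);
            }
            else
            {
                // NOTE(review): the handler is still created, but without a client
                // certificate, so requests go out unauthenticated at the TLS layer.
                _telemetryClient.TrackTrace($"Could not load RP Cert", SeverityLevel.Critical);
            }

            _telemetryClient.Flush();
        }
    }
    else
    {
        // Local: certificates come straight from the settings object.
        var rootCa = new X509Certificate2(_bankIdServiceSettings.CaCert);
        ServerCertificateCustomValidationCallback = new RootCaValidator(rootCa).Validate;

        // NOTE(review): the RP certificate passphrase is hard-coded in source, so it
        // is readable from the compiled assembly and the SecureString wrapper adds no
        // protection. Acceptable only for a test certificate; a production
        // passphrase must come from configuration or a secret store.
        using (var rpCertPassword = new SecureString())
        {
            foreach (char c in "qwerty123")
            {
                rpCertPassword.AppendChar(c);
            }

            ClientCertificates.Add(new X509Certificate2(_bankIdServiceSettings.RpCert, rpCertPassword));
        }
    }
}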