/// <summary>
/// Registers a MongoDB collection, resolved from the supplied database, as the store for the data protection key list.
/// </summary>
/// <param name="builder">The data protection builder to configure.</param>
/// <param name="database">MongoDB database that contains the key collection.</param>
/// <param name="collectionName">Name of the collection that stores the key list.</param>
/// <returns>The <see cref="IDataProtectionBuilder"/> returned by the collection-based overload.</returns>
/// <exception cref="ArgumentNullException"><paramref name="database"/> is <c>null</c>.</exception>
/// <remarks>
/// The collection holds the application's data protection key ring, so access to it should be limited
/// to the identities that run the application. Nothing in this method encrypts the stored keys; that
/// depends on whether a key protection mechanism is configured elsewhere on the builder.
/// </remarks>
public static IDataProtectionBuilder PersistKeysToMongoDb(this IDataProtectionBuilder builder, IMongoDatabase database, string collectionName)
{
    // Fail with a named argument error instead of a NullReferenceException on GetCollection.
    _ = database ?? throw new ArgumentNullException(nameof(database));

    var keyCollection = database.GetCollection<MongoDbXmlKey>(collectionName);
    return builder.PersistKeysToMongoDb(keyCollection);
}
/// <summary>
/// Registers a MongoDB collection as the store for the data protection key list, connecting with the
/// supplied connection string.
/// </summary>
/// <param name="builder">The data protection builder to configure.</param>
/// <param name="connectionString">MongoDB connection URL.</param>
/// <param name="databaseName">Name of the database that contains the key collection.</param>
/// <param name="collectionName">Name of the collection that stores the key list.</param>
/// <returns>The <see cref="IDataProtectionBuilder"/> returned by the database-based overload.</returns>
/// <remarks>
/// A new <see cref="MongoClient"/> is created on every call. MongoDB connection URLs can embed
/// credentials, so treat <paramref name="connectionString"/> as a secret: load it from protected
/// configuration and keep it out of logs and exception messages.
/// </remarks>
public static IDataProtectionBuilder PersistKeysToMongoDb(this IDataProtectionBuilder builder, string connectionString, string databaseName, string collectionName)
{
    var client = new MongoClient(connectionString);
    var database = client.GetDatabase(databaseName);

    // Null checking of the database and collection resolution are left to the database-based overload.
    return builder.PersistKeysToMongoDb(database, collectionName);
}
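/// <summary>
/// Configures key management, the encryption algorithm, key storage and key protection for the data
/// protection system from the supplied configuration.
/// </summary>
/// <param name="builder">The data protection builder to configure.</param>
/// <param name="configuration">
/// Configuration bound to <c>DataProtectionOptions</c>; its <c>KeyManagementOptions</c> section is bound
/// to the key management options.
/// </param>
/// <returns>The same <paramref name="builder"/>, to allow chaining.</returns>
/// <remarks>
/// <para>
/// <c>StorageConnectionString</c> is reused for several purposes depending on <c>StorageKind</c>: an Azure
/// blob SAS URI, a directory path, a Redis connection string or a registry subkey path. Several of these
/// carry credentials or tokens, so the value should be treated as a secret and kept out of logs.
/// </para>
/// <para>
/// When <c>KeyProtectionOptions</c> is absent this method makes no <c>ProtectKeysWith*</c> call, so the
/// keys written to the selected store are not wrapped by anything configured here.
/// </para>
/// </remarks>
public static IDataProtectionBuilder ConfigureDataProtection(this IDataProtectionBuilder builder, IConfiguration configuration)
{
    var dataProtectionsOptions = configuration.Get<Aguacongas.TheIdServer.Models.DataProtectionOptions>();
    if (dataProtectionsOptions == null)
    {
        // Nothing configured: leave the builder with its defaults.
        return builder;
    }

    builder.AddKeyManagementOptions(options => configuration.GetSection(nameof(KeyManagementOptions))?.Bind(options));
    ConfigureEncryptionAlgorithm(builder, configuration);

    // Key ring storage. There is no default case, so an unlisted StorageKind leaves the
    // builder's existing storage configuration untouched.
    switch (dataProtectionsOptions.StorageKind)
    {
        case StorageKind.AzureStorage:
            // The value is a blob SAS URI, i.e. it embeds the access token for the blob.
            builder.PersistKeysToAzureBlobStorage(blobSasUri: new Uri(dataProtectionsOptions.StorageConnectionString));
            break;
        case StorageKind.EntityFramework:
            builder.PersistKeysToDbContext<OperationalDbContext>();
            break;
        case StorageKind.RavenDb:
            builder.PersistKeysToRavenDb();
            break;
        case StorageKind.MongoDb:
            builder.PersistKeysToMongoDb();
            break;
        case StorageKind.FileSystem:
            // NOTE(review): the directory holds the key ring; confirm its ACLs restrict access
            // to the account running the application.
            builder.PersistKeysToFileSystem(new DirectoryInfo(dataProtectionsOptions.StorageConnectionString));
            break;
        case StorageKind.Redis:
            var redis = ConnectionMultiplexer.Connect(dataProtectionsOptions.StorageConnectionString);
            if (string.IsNullOrEmpty(dataProtectionsOptions.RedisKey))
            {
                // No explicit key name configured: use the overload without one.
                builder.PersistKeysToStackExchangeRedis(redis);
                break;
            }

            builder.PersistKeysToStackExchangeRedis(redis, dataProtectionsOptions.RedisKey);
            break;
        case StorageKind.Registry:
#pragma warning disable CA1416 // Validate platform compatibility
            // OpenSubKey(string) returns a read-only handle, which cannot store newly generated
            // keys; request write access explicitly. OpenSubKey returns null when the subkey does
            // not exist, so the subkey has to be created before the application starts.
            builder.PersistKeysToRegistry(Registry.CurrentUser.OpenSubKey(dataProtectionsOptions.StorageConnectionString, true));
#pragma warning restore CA1416 // Validate platform compatibility
            break;
    }

    // Key protection (encryption of the key ring at rest) is optional.
    var protectOptions = dataProtectionsOptions.KeyProtectionOptions;
    if (protectOptions != null)
    {
        switch (protectOptions.KeyProtectionKind)
        {
            case KeyProtectionKind.AzureKeyVault:
                builder.ProtectKeysWithAzureKeyVault(new Uri(protectOptions.AzureKeyVaultKeyId), new DefaultAzureCredential());
                break;
            case KeyProtectionKind.WindowsDpApi:
                builder.ProtectKeysWithDpapi(protectOptions.WindowsDPAPILocalMachine);
                break;
            case KeyProtectionKind.WindowsDpApiNg:
                ConfigureWindowsDpApiNg(builder, protectOptions);
                break;
            case KeyProtectionKind.X509:
                if (!string.IsNullOrEmpty(protectOptions.X509CertificatePath))
                {
                    // A certificate file takes precedence over a thumbprint.
                    // NOTE(review): Exportable allows the private key to be extracted from the
                    // loaded certificate; confirm the loader needs it, otherwise drop the flag.
                    var certificate = SigningKeysLoader.LoadFromFile(
                        protectOptions.X509CertificatePath,
                        protectOptions.X509CertificatePassword,
                        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.UserKeySet);
                    builder.ProtectKeysWithCertificate(certificate);
                    break;
                }

                builder.ProtectKeysWithCertificate(protectOptions.X509CertificateThumbprint);
                break;
        }
    }

    return builder;
}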