/// <summary>
/// Load context from local file system if specified.
/// </summary>
/// <returns>The context.</returns>
private StartupContext GetStartupContextOrNull()
{
var contextPath = _environment.GetEnvironmentVariable(EnvironmentSettingNames.AzureWebsiteStartupContextCache);
if (!string.IsNullOrEmpty(contextPath))
{
try
{
contextPath = Environment.ExpandEnvironmentVariables(contextPath);
_logger.LogDebug($"Loading startup context from {contextPath}");
string content = File.ReadAllText(contextPath);
// Context files are onetime use. We delete after reading to ensure
// that we don't use a stale file in the future if the app recycles, etc.
// Dont' want to block on this file operation, so we kick it off in the background.
Task.Run(() => File.Delete(contextPath));
string decryptedContent = SimpleWebTokenHelper.Decrypt(content, environment: _environment);
var context = JsonConvert.DeserializeObject <StartupContext>(decryptedContent);
return(context);
}
catch (Exception ex)
{
// best effort
_logger.LogError(ex, "Failed to load startup context");
return(null);
}
}
else
{
return(null);
}
}
public HostAssignmentContext Decrypt(string key)
{
var encryptionKey = Convert.FromBase64String(key);
var decrypted = SimpleWebTokenHelper.Decrypt(encryptionKey, EncryptedContext);
return(JsonConvert.DeserializeObject <HostAssignmentContext>(decrypted));
}
public void EncryptShouldGenerateDecryptableValues(string valueToEncrypt)
{
var key = TestHelpers.GenerateKeyBytes();
var stringKey = TestHelpers.GenerateKeyHexString(key);
using (new TestScopedEnvironmentVariable(SettingsKeys.AuthEncryptionKey, stringKey))
{
var encrypted = SimpleWebTokenHelper.Encrypt(valueToEncrypt);
var decrypted = SimpleWebTokenHelper.Decrypt(key, encrypted);
Assert.Matches("(.*)[.](.*)[.](.*)", encrypted);
Assert.Equal(valueToEncrypt, decrypted);
}
}
/// <summary>
/// Decrypt and deserialize the specified context, and apply values from it to the
/// startup cache context.
/// </summary>
/// <param name="encryptedContext">The encrypted assignment context.</param>
/// <returns>The decrypted assignment context</returns>
public virtual HostAssignmentContext SetContext(EncryptedHostAssignmentContext encryptedContext)
{
string decryptedContext = SimpleWebTokenHelper.Decrypt(encryptedContext.EncryptedContext, environment: _environment);
var hostAssignmentContext = JsonConvert.DeserializeObject <HostAssignmentContext>(decryptedContext);
// apply values from the context to our cached context
Context = new StartupContext
{
Secrets = hostAssignmentContext.Secrets
};
return(hostAssignmentContext);
}
public void CreateTokenShouldCreateAValidToken()
{
var key = TestHelpers.GenerateKeyBytes();
var stringKey = TestHelpers.GenerateKeyHexString(key);
var timeStamp = DateTime.UtcNow;
Environment.SetEnvironmentVariable("WEBSITE_AUTH_ENCRYPTION_KEY", stringKey);
var token = SimpleWebTokenHelper.CreateToken(timeStamp);
var decrypted = SimpleWebTokenHelper.Decrypt(key, token);
Assert.Equal($"exp={timeStamp.Ticks}", decrypted);
}
public void EncryptShouldGenerateDecryptableValues(string valueToEncrypt)
{
var key = TestHelpers.GenerateKeyBytes();
var stringKey = TestHelpers.GenerateKeyHexString(key);
Environment.SetEnvironmentVariable("WEBSITE_AUTH_ENCRYPTION_KEY", stringKey);
var encrypted = SimpleWebTokenHelper.Encrypt(valueToEncrypt);
var decrypted = SimpleWebTokenHelper.Decrypt(key, encrypted);
Assert.Matches("(.*)[.](.*)[.](.*)", encrypted);
Assert.Equal(valueToEncrypt, decrypted);
}
public void CreateTokenShouldCreateAValidToken()
{
var key = TestHelpers.GenerateKeyBytes();
var stringKey = TestHelpers.GenerateKeyHexString(key);
var timeStamp = DateTime.UtcNow;
using (new TestScopedEnvironmentVariable(SettingsKeys.AuthEncryptionKey, stringKey))
{
var token = SimpleWebTokenHelper.CreateToken(timeStamp);
var decrypted = SimpleWebTokenHelper.Decrypt(key, token);
Assert.Equal($"exp={timeStamp.Ticks}", decrypted);
}
}
public HostAssignmentContext Decrypt(string key)
{
var decrypted = SimpleWebTokenHelper.Decrypt(key.ToKeyBytes(), EncryptedContext);
return(JsonConvert.DeserializeObject <HostAssignmentContext>(decrypted));
}