/// <summary>
/// Builds SMTP client settings from a configuration section.
/// </summary>
/// <param name="section">Configuration section read for Host, Port, UseSsl, Sender, UserName and Password</param>
/// <param name="secureManager">Optional callback handed to CryptographyUtils.UnsealData together with the stored UserName and Password values</param>
/// <returns>Settings built from the section values</returns>
/// <remarks>
/// Port falls back to 0 and UseSsl to false when the keys are absent, so a section
/// that omits UseSsl produces settings with SSL switched off. Configurations that
/// carry a UserName and Password should set UseSsl explicitly.
/// </remarks>
private static SMTPClientSettings Parse(IConfigurationSection section, Func<string, string>? secureManager)
{
    // Plain values, read in the order the settings constructor takes them
    var host = section.GetValue<string>("Host");
    var port = section.GetValue("Port", 0);
    var useSsl = section.GetValue("UseSsl", false);
    var sender = section.GetValue<string?>("Sender");

    // Credentials are stored sealed and are unsealed before they reach the settings object
    var userName = CryptographyUtils.UnsealData(section.GetValue<string?>("UserName"), secureManager);
    var password = CryptographyUtils.UnsealData(section.GetValue<string?>("Password"), secureManager);

    return new SMTPClientSettings(host, port, useSsl, sender, userName, password);
}
/// <summary>
/// Constructor, reads the account, region and templates from a configuration section
/// </summary>
/// <param name="httpClient">Http client, use IHttpClientFactory to create, services.AddHttpClient</param>
/// <param name="section">Configuration section read for SMSUser, SMSKey, Region and the Templates children</param>
/// <param name="secureManager">Secure manager, handed to CryptographyUtils.UnsealData together with the stored SMSUser and SMSKey values</param>
public SMSClient(HttpClient httpClient, IConfigurationSection section, Func<string, string>? secureManager = null)
    : this(
        httpClient,
        CryptographyUtils.UnsealData(section.GetValue<string>("SMSUser"), secureManager),
        CryptographyUtils.UnsealData(section.GetValue<string>("SMSKey"), secureManager),
        // Unknown or missing region id falls back to CN
        AddressRegion.GetById(section.GetValue<string>("Region")) ?? AddressRegion.CN
    )
{
    // Maps one child of "Templates" to a TemplateItem.
    // Enum.Parse throws when "Kind" is missing or is not a TemplateKind name.
    TemplateItem ToTemplate(IConfigurationSection item)
    {
        var kind = Enum.Parse<TemplateKind>(item.GetValue<string>("Kind"));
        var templateId = item.GetValue<string>("TemplateId");
        var endPoint = item.GetValue<string>("EndPoint");
        var region = item.GetValue<string>("Region");
        var language = item.GetValue<string>("Language");
        var signature = item.GetValue<string>("Signature");
        var isDefault = item.GetValue("Default", false);

        return new TemplateItem(kind, templateId, endPoint, region, language, signature, isDefault);
    }

    // The sequence stays lazy; items are created when AddTemplates enumerates it
    var children = section.GetSection("Templates").GetChildren();
    AddTemplates(children.Select(item => ToTemplate(item)));
}
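/// <summary>
/// Create connection factory
/// </summary>
/// <param name="section">Configuration section</param>
/// <param name="secureManager">Secure manager, handed to CryptographyUtils.UnsealData together with the stored UserName and Password values</param>
/// <returns>Connection factory</returns>
/// <remarks>
/// The Ssl option is only assigned when the section has an "Ssl" child; otherwise the
/// factory keeps its own default. Deployments that send the unsealed credentials over
/// a network should configure that child section.
/// </remarks>
public static ConnectionFactory CreateFactory(IConfigurationSection section, Func<string, string>? secureManager)
{
    // Environment.ProcessorCount - 1 is 0 on a single-core host, so the fallback is
    // clamped to at least 1. An explicitly configured value is used as given.
    var defaultConcurrency = Math.Max(1, Environment.ProcessorCount - 1);

    var factory = new ConnectionFactory
    {
        HostName = section.GetValue<string>("HostName"),

        // Credentials are stored sealed and unsealed here
        UserName = CryptographyUtils.UnsealData(section.GetValue<string>("UserName"), secureManager),
        Password = CryptographyUtils.UnsealData(section.GetValue<string>("Password"), secureManager),

        ClientProvidedName = section.GetValue<string>("ClientProvidedName"),
        AutomaticRecoveryEnabled = section.GetValue("AutomaticRecoveryEnabled", true),
        DispatchConsumersAsync = section.GetValue("DispatchConsumersAsync", false),
        UseBackgroundThreadsForIO = section.GetValue("UseBackgroundThreadsForIO", false),
        ConsumerDispatchConcurrency = section.GetValue("ConsumerDispatchConcurrency", defaultConcurrency)
    };

    // VirtualHost, only overridden when configured
    var virtualHost = section.GetValue<string>("VirtualHost");
    if (!string.IsNullOrEmpty(virtualHost))
    {
        factory.VirtualHost = virtualHost;
    }

    // Port, only overridden when configured
    if (section.GetValue<int?>("Port") is int port)
    {
        factory.Port = port;
    }

    // SSL, bound from the "Ssl" child section when it exists
    var ssl = section.GetSection("Ssl");
    if (ssl.Exists())
    {
        factory.Ssl = ssl.Get<SslOption>();
    }

    return factory;
}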
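/// <summary>
/// Constructor, reads the JWT settings and registers JwtBearer authentication
/// </summary>
/// <param name="services">Dependency injection services</param>
/// <param name="sslOnly">SSL only? Assigned to RequireHttpsMetadata</param>
/// <param name="section">Configuration section</param>
/// <param name="secureManager">Secure manager, handed to CryptographyUtils.UnsealData together with the stored EncryptionKey value</param>
/// <param name="issuerSigningKeyResolver">Issuer signing key resolver; when it is null or yields no keys, the local RSA key is used</param>
/// <param name="tokenDecryptionKeyResolver">Token decryption key resolver; when it is null or yields no keys, the configured EncryptionKey is used</param>
/// <exception cref="ArgumentNullException">The configuration section does not exist</exception>
/// <remarks>
/// Several validation inputs come straight from configuration and are not checked here:
/// the signing algorithm name ("SecurityAlgorithms"), the audience check switch
/// ("ValidateAudience") and the length of "EncryptionKey". Treat the section as
/// security-sensitive configuration.
/// </remarks>
public JwtService(IServiceCollection services, bool sslOnly, IConfigurationSection section, Func<string, string>? secureManager = null, IssuerSigningKeyResolver? issuerSigningKeyResolver = null, TokenDecryptionKeyResolver? tokenDecryptionKeyResolver = null)
{
    // Jwt section is required
    if (!section.Exists())
    {
        throw new ArgumentNullException(nameof(section), "No Section");
    }

    defaultIssuer = section.GetValue<string>("DefaultIssuer") ?? DefaultIssuer;
    defaultAudience = section.GetValue<string>("DefaultAudience") ?? "All";

    // Valid issuer falls back to the default issuer
    validIssuer = section.GetValue<string>("ValidIssuer");
    validIssuers = section.GetSection("ValidIssuers").Get<IEnumerable<string>>();
    if (string.IsNullOrEmpty(validIssuer))
    {
        validIssuer = defaultIssuer;
    }

    // Valid audience falls back to the default audience only when no audience list is configured
    validAudience = section.GetValue<string>("ValidAudience");
    validAudiences = section.GetSection("ValidAudiences").Get<IEnumerable<string>>();
    if (string.IsNullOrEmpty(validAudience) && validAudiences == null)
    {
        validAudience = defaultAudience;
    }

    // Whether validate audience; null keeps whatever CreateValidationParameters sets.
    // A configured false switches the audience check off.
    var validateAudience = section.GetValue<bool?>("ValidateAudience");

    // Signing algorithm, taken from configuration as a plain string
    securityAlgorithms = section.GetValue("SecurityAlgorithms", SecurityAlgorithms.RsaSha512Signature);

    // Default 30 minutes
    AccessTokenMinutes = section.GetValue("AccessTokenMinutes", 30);

    // Default 90 days
    RefreshTokenDays = section.GetValue("RefreshTokenDays", 90);

    // https://stackoverflow.com/questions/53487247/encrypting-jwt-security-token-supported-algorithms
    // AES256, 256 / 8 = 32 bytes
    // The key bytes are the UTF-8 encoding of this string; its length is not checked here.
    // NOTE(review): if UnsealData returns null for a missing EncryptionKey (not visible here),
    // the fallback decryption key below throws when it is first needed - confirm.
    var encryptionKeyPlain = CryptographyUtils.UnsealData(section.GetValue<string>("EncryptionKey"), secureManager);

    // RSA crypto provider
    crypto = new RSACrypto(section, secureManager);

    // Fallback keys, created per call so each carries the requested key id
    RsaSecurityKey LocalSigningKey(string kid) => new RsaSecurityKey(crypto.RSA) { KeyId = kid };
    SymmetricSecurityKey LocalDecryptionKey(string kid) => new SymmetricSecurityKey(Encoding.UTF8.GetBytes(encryptionKeyPlain)) { KeyId = kid };

    // Default signing key resolver
    this.issuerSigningKeyResolver = (token, securityToken, kid, validationParameters) =>
    {
        if (issuerSigningKeyResolver == null)
        {
            return new List<RsaSecurityKey> { LocalSigningKey(kid) };
        }

        var keys = issuerSigningKeyResolver(token, securityToken, kid, validationParameters);

        // A resolver that returns null is treated like one that returns no keys,
        // instead of failing inside Any()
        if (keys == null)
        {
            return new List<RsaSecurityKey> { LocalSigningKey(kid) };
        }

        if (!keys.Any())
        {
            keys = keys.Append(LocalSigningKey(kid));
        }

        return keys;
    };

    // Default token decryption key resolver
    this.tokenDecryptionKeyResolver = (token, securityToken, kid, validationParameters) =>
    {
        if (tokenDecryptionKeyResolver == null)
        {
            return new List<SymmetricSecurityKey> { LocalDecryptionKey(kid) };
        }

        var keys = tokenDecryptionKeyResolver(token, securityToken, kid, validationParameters);

        // Same null handling as the signing key resolver
        if (keys == null)
        {
            return new List<SymmetricSecurityKey> { LocalDecryptionKey(kid) };
        }

        if (!keys.Any())
        {
            keys = keys.Append(LocalDecryptionKey(kid));
        }

        return keys;
    };

    // Adding Authentication
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
    {
        // Is SSL only
        options.RequireHttpsMetadata = sslOnly;

        // Useful forwarding the JWT in an outgoing request
        // https://stackoverflow.com/questions/57057749/what-is-the-purpose-of-jwtbeareroptions-savetoken-property-in-asp-net-core-2-0
        options.SaveToken = false;

        // Token validation parameters
        options.TokenValidationParameters = CreateValidationParameters();

        // Configuration override for the audience check
        if (validateAudience != null)
        {
            options.TokenValidationParameters.ValidateAudience = validateAudience.Value;
        }
    });
}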