public ActionResult SetInitialConfig(InitialSetupConfigModel config)
{
appSettings.Update(setting => setting.DatastoreRootPath = config.DatastoreRootPath);
DatabaseLocator dbLocator = new DatabaseLocator(config.DatastoreRootPath);
LiteDbConfigurationRepository configurationRepository = new LiteDbConfigurationRepository(dbLocator.GetConfigurationRepositoryConnectionString());
InitialSetupLogic initialSetupLogic = new InitialSetupLogic(configurationRepository);
initialSetupLogic.Complete(config);
return(RedirectToAction("Complete", "InitialSetup"));
}
private X509Certificate2 CheckDefaultCertificate()
{
using var db = new LiteDbConfigurationRepository();
var webSslCert = db.WebSslCertificate;
if (webSslCert != null)
{
return(webSslCert);
}
webSslCert = CertificateHelper.CreateDefaultSslCertificate();
db.WebSslCertificate = webSslCert;
Log.Logger.Information("Created and installed a default web ssl certificate.");
// Need to make sure that we return a db instance of the certificate rather than a local instance
// So rather than just returning the webSslCert created above, get a new instance of the certificate
// from the database.
return(db.WebSslCertificate);
}
private void InitializeApp(IServiceCollection services, AppSettings appSettings)
{
//singleton pattern here was a huge mistake, i'm going to fix this.
LiteDbConfigurationRepository configurationRepository = new LiteDbConfigurationRepository(databaseLocator.GetConfigurationRepositoryConnectionString());
appConfig = configurationRepository.GetAppConfig();
ActiveDirectoryRepository activeDirectory = new ActiveDirectoryRepository();
EncryptionProvider cipher = new EncryptionProvider(appConfig.EncryptionKey);
services.AddSingleton <EncryptionProvider>(cipher);
services.AddSingleton <IActiveDirectoryAuthenticator>(activeDirectory);
services.AddSingleton <IActiveDirectoryRepository>(activeDirectory);
IdentityAuthenticationLogic identityAuthenticationLogic = new IdentityAuthenticationLogic(configurationRepository, activeDirectory);
services.AddSingleton <IdentityAuthenticationLogic>();
ICertificateRepository certificateRepository = new LiteDbCertificateRepository(databaseLocator.GetCertificateRepositoryConnectionString());
RuntimeCacheRepository runtimeCacheRepository = null;
LiteDbAuditRepository auditRepository = new LiteDbAuditRepository(databaseLocator.GetAuditRepositoryConnectionString());
IAuditLogic auditLogic = new AuditLogic(auditRepository, configurationRepository);
services.AddSingleton <IAuditLogic>(auditLogic);
IAuthorizationLogic authorizationLogic = new AuthorizationLogic(configurationRepository, auditLogic);
IScriptManagementLogic scriptManagement = new ScriptManagementLogic(configurationRepository, authorizationLogic);
services.AddSingleton <IScriptManagementLogic>(scriptManagement);
IPowershellEngine powershellEngine = new PowershellEngine(auditLogic, scriptManagement);
services.AddSingleton <IPowershellEngine>(powershellEngine);
RoleManagementLogic roleManagementLogic = new RoleManagementLogic(configurationRepository, authorizationLogic);
services.AddSingleton <RoleManagementLogic>(roleManagementLogic);
UserManagementLogic userManagementLogic = new UserManagementLogic(configurationRepository, authorizationLogic);
services.AddSingleton <UserManagementLogic>(userManagementLogic);
SecurityPrincipalLogic securityPrincipalLogic = new SecurityPrincipalLogic(roleManagementLogic, userManagementLogic);
services.AddSingleton <SecurityPrincipalLogic>();
AdcsTemplateLogic adcsTemplateLogic = new AdcsTemplateLogic(configurationRepository, activeDirectory);
services.AddSingleton <AdcsTemplateLogic>(adcsTemplateLogic);
services.AddSingleton <IAuthorizationLogic>(authorizationLogic);
services.AddSingleton <IConfigurationRepository>(configurationRepository);
ICertificateProvider certificateProvider = new Win32CertificateProvider();
services.AddSingleton <ICertificateProvider>(certificateProvider);
services.AddSingleton <ICertificateRepository>(certificateRepository);
ActiveDirectoryIdentityProviderLogic activeDirectoryIdentityProviderLogic = new ActiveDirectoryIdentityProviderLogic(configurationRepository);
services.AddSingleton <ActiveDirectoryIdentityProviderLogic>(activeDirectoryIdentityProviderLogic);
certificateManagementLogic = new CertificateManagementLogic(
configurationRepository,
certificateRepository,
authorizationLogic,
auditLogic,
securityPrincipalLogic,
cipher);
services.AddSingleton <CertificateManagementLogic>(certificateManagementLogic);
PrivateCertificateProcessing privateCertificateProcessing = new PrivateCertificateProcessing(certificateRepository, configurationRepository, certificateProvider, authorizationLogic, adcsTemplateLogic, auditLogic);
services.AddSingleton <IPrivateCertificateProcessing>(privateCertificateProcessing);
services.AddSingleton <NodeLogic>(new NodeLogic(configurationRepository, authorizationLogic, activeDirectoryIdentityProviderLogic, powershellEngine, auditLogic, certificateManagementLogic, privateCertificateProcessing));
services.AddSingleton <IRuntimeConfigurationState>(
new RuntimeConfigurationState(configurationRepository, runtimeCacheRepository)
{
InitialSetupComplete = initialSetupComplete
});
services.AddSingleton <IClientsideConfigurationProvider>(new ClientsideConfigurationProvider(configurationRepository));
services.AddSingleton <AnalyticsLogic>(new AnalyticsLogic(configurationRepository, certificateRepository, auditRepository));
services.AddSingleton <DataRenderingProvider>(new DataRenderingProvider());
oidcLogic = new OpenIdConnectIdentityProviderLogic(configurationRepository, authorizationLogic);
services.AddSingleton <IOpenIdConnectIdentityProviderLogic>(oidcLogic);
}
public WorkstationDevelopment(string configPath)
{
configDb = new LiteDbConfigurationRepository(configPath);
}
public void InitializeTest()
{
user = new Mock <ClaimsPrincipal>();
string configPath = Path.GetTempFileName();
configDb = new LiteDbConfigurationRepository(configPath);
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.CryptoApi,
Cipher = CipherAlgorithm.RSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CapiRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.CryptoApi,
Cipher = CipherAlgorithm.RSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.None,
Name = "NoKeyUsage-CapiRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.RSA,
// Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CngRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.RSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication | KeyUsage.ClientAuthentication,
Name = "ClientServerAuthentication-CngRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.ECDH,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CngEcdh"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.ECDSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CngEcdsa"
});
Logic.SecretKeyProvider secretKeyProvider = new Logic.SecretKeyProvider();
AppConfig appConfig = new AppConfig()
{
EncryptionKey = secretKeyProvider.NewSecretBase64(32)
};
configDb.SetAppConfig(appConfig);
ActiveDirectoryMetadata identitySource = new ActiveDirectoryMetadata()
{
Domain = "cm.local",
Enabled = true,
ActiveDirectoryMetadataType = ActiveDirectoryMetadataType.ActiveDirectoryBasic,
Id = Guid.NewGuid(),
Name = "cm.local",
Password = password,
Username = username,
SearchBase = "DC=cm,DC=local"
};
PrivateCertificateAuthorityConfig caConfig = new PrivateCertificateAuthorityConfig()
{
CommonName = caCommonName,
ServerName = caServerName,
HashAlgorithm = HashAlgorithm.SHA256,
Id = Guid.NewGuid(),
IdentityProviderId = identitySource.Id
};
configDb.Insert <PrivateCertificateAuthorityConfig>(caConfig);
configDb.Insert <ActiveDirectoryMetadata>(identitySource);
templateLogic = new AdcsTemplateLogic(configDb, activeDirectory);
KeyUsage keyUsage = KeyUsage.ClientAuthentication | KeyUsage.ServerAuthentication;
//AdcsTemplate config = configDb.Get<AdcsTemplate>(x => x.Cipher == CipherAlgorithm.RSA && x.WindowsApi == WindowsApi.Cng && x.KeyUsage == keyUsage).First();
//var config = configDb.GetAdcsTemplate(HashAlgorithm.SHA256, CipherAlgorithm.RSA, WindowsApi.Cng, KeyUsage.ClientAuthentication | KeyUsage.ServerAuthentication);
string certDbPath = Path.GetTempFileName();
certDb = new LiteDbCertificateRepository(certDbPath);
}
