/// <summary>
/// Creates the settings root and wires up the nested settings groups,
/// passing this instance to each of them.
/// </summary>
public GlobalSettings()
{
    // Each child receives a reference to this root object.
    BaseServiceUri = new BaseServiceUriSettings(this);

    // The meaning of the two string arguments is defined by FileStorageSettings,
    // which is not visible here. Both storage groups pass the same literal twice.
    Attachment = new FileStorageSettings(this, "attachments", "attachments");
    Send = new FileStorageSettings(this, "attachments/send", "attachments/send");

    DataProtection = new DataProtectionSettings(this);
}
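/// <summary>
/// Binds the "DataProtectionSettings" configuration section and registers a
/// <see cref="SymmetricSecurityKey"/> built from its <c>MasterKey</c> value as
/// <c>MasterSecurityKey</c> on the <see cref="DataProtectionSettings"/> options.
/// </summary>
/// <param name="services">Service collection to configure.</param>
/// <param name="configuration">Configuration that contains the DataProtectionSettings section.</param>
/// <returns>The value returned by <c>services.Configure</c>, for chaining.</returns>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="configuration"/> is null, or no MasterKey value is configured.
/// </exception>
/// <exception cref="System.ArgumentException">The configured MasterKey is empty.</exception>
public static IServiceCollection LoadMasterKey(this IServiceCollection services, IConfiguration configuration)
{
    if (configuration == null)
    {
        throw new System.ArgumentNullException(nameof(configuration));
    }

    DataProtectionSettings dataProtectionSettings = new DataProtectionSettings();
    configuration.GetSection(nameof(DataProtectionSettings)).Bind(dataProtectionSettings);

    // Fail fast with a message that names the missing setting instead of letting the
    // encoder or the key constructor throw an unrelated-looking error at startup.
    // The key value itself must never be placed in an exception or log message.
    var masterKey = dataProtectionSettings.MasterKey;
    if (masterKey == null)
    {
        throw new System.ArgumentNullException(
            nameof(configuration),
            "DataProtectionSettings:MasterKey is not configured.");
    }

    if (masterKey.Length == 0)
    {
        throw new System.ArgumentException(
            "DataProtectionSettings:MasterKey must not be empty.",
            nameof(configuration));
    }

    // SECURITY NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?',
    // so a key containing such characters silently loses entropy. The encoding is kept
    // as-is because changing it would alter the key bytes of existing deployments.
    // The key should be a long, randomly generated ASCII string supplied from a secret
    // store rather than a checked-in settings file. No minimum length is enforced here.
    SymmetricSecurityKey masterSecurityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(masterKey));

    return services.Configure<DataProtectionSettings>(options =>
    {
        options.MasterSecurityKey = masterSecurityKey;
    });
}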
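/// <summary>
/// Registers ASP.NET Core Data Protection with the key ring persisted to Redis and
/// protected with an X.509 certificate. Blocks, retrying indefinitely, until the
/// Redis connection succeeds.
/// </summary>
/// <param name="services">Service collection to configure.</param>
/// <param name="action">
/// Callback that fills in a fresh <see cref="DataProtectionSettings"/> (application name,
/// certificate subject/file/password, Redis connection string).
/// </param>
/// <returns>The same <paramref name="services"/> instance.</returns>
/// <exception cref="ArgumentNullException"><paramref name="action"/> is null.</exception>
/// <exception cref="WebApiException">
/// Kept from the original documentation; nothing in this method throws it directly.
/// NOTE(review): presumably raised by CertificateUtil, confirm against that helper.
/// </exception>
public static IServiceCollection AddDataProtectionWithCertInRedis(this IServiceCollection services, Action<DataProtectionSettings> action)
{
    if (action == null)
    {
        throw new ArgumentNullException(nameof(action));
    }

    DataProtectionSettings dataProtectionSettings = new DataProtectionSettings();
    action(dataProtectionSettings);

    // One key ring per application and environment.
    string redisKey = $"{dataProtectionSettings.ApplicationName}_{EnvironmentUtil.AspNetCoreEnvironment}_dpk";

    // Certificate used to encrypt the key ring before it is written to Redis.
    // NOTE(review): the certificate file password comes from settings; it should be
    // sourced from a secret store, not a plain configuration file.
    X509Certificate2 certificate2 = CertificateUtil.GetCertificateFromSubjectOrFile(
        dataProtectionSettings.CertificateSubject,
        dataProtectionSettings.CertificateFileName,
        dataProtectionSettings.CertificateFilePassword);

    ConfigurationOptions redisConfigurationOptions = ConfigurationOptions.Parse(dataProtectionSettings.RedisConnectString);

    // Least privilege: the key store only needs ordinary data commands.
    redisConfigurationOptions.AllowAdmin = false;

    // A StackExchange.Redis connection string can embed the password, so the raw
    // string must not reach the log. Log the parsed options with the password omitted.
    string redisTargetForLog = redisConfigurationOptions.ToString(includePassword: false);

    Policy
        .Handle<RedisConnectionException>()
        .WaitAndRetryForever(
            // Linear back-off: 5 + 2 * attempt seconds, with no upper bound on attempts.
            count => TimeSpan.FromSeconds(5 + count * 2),
            (exception, retryCount, timeSpan) =>
            {
                Log.Fatal(
                    exception,
                    $"DataProtection : Try {retryCount}th times. Wait For {timeSpan.TotalSeconds} seconds. Redis Can not connect {redisTargetForLog} : {redisKey};"
                );
            })
        .Execute(() =>
        {
            // Connect first: if it throws, nothing has been registered yet,
            // so a retry does not duplicate registrations.
            ConnectionMultiplexer redisMultiplexer = ConnectionMultiplexer.Connect(redisConfigurationOptions);

            services
                .AddDataProtection()
                .SetApplicationName(dataProtectionSettings.ApplicationName)
                .ProtectKeysWithCertificate(certificate2)
                .PersistKeysToStackExchangeRedis(redisMultiplexer, redisKey);
        });

    return services;
}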
/// <summary>
/// Configures Data Protection from configuration: when enabled, the key ring is persisted
/// to Azure Blob Storage and, if Key Vault settings are enabled, wrapped with a Key Vault key.
/// </summary>
/// <param name="services">Service collection to configure.</param>
/// <param name="configuration">Source for <see cref="DataProtectionSettings"/> and <see cref="KeyVaultSettings"/>.</param>
/// <returns>
/// The data-protection builder's service collection when protection is enabled;
/// otherwise <paramref name="services"/> unchanged.
/// </returns>
public static IServiceCollection AddDataProtection(this IServiceCollection services, IConfiguration configuration)
{
    var protectionSettings = new DataProtectionSettings(configuration);

    // Nothing to register when the feature is switched off.
    if (!protectionSettings.Enabled)
    {
        return services;
    }

    // The blob URI carries a SAS token, i.e. a bearer credential: it must be kept out
    // of logs and source control, and scoped to the key-ring blob only.
    var protection = services
        .AddDataProtection()
        .PersistKeysToAzureBlobStorage(protectionSettings.BlobUriWithSas);

    var vaultSettings = new KeyVaultSettings(configuration);

    // NOTE(review): when Key Vault is disabled no ProtectKeysWith* call is made here,
    // so the key ring is written to the blob without a Data Protection encryption layer.
    // Access to that blob is then the only control over the keys.
    if (vaultSettings.Enabled)
    {
        protection.ProtectKeysWithAzureKeyVault(
            protectionSettings.VaultKeyIdentifier,
            vaultSettings.ClientId,
            vaultSettings.ClientSecret);
    }

    return protection.Services;
}
/// <summary>
/// Creates the provider and captures the current <see cref="DataProtectionSettings"/>
/// from the options accessor.
/// </summary>
/// <param name="dataProtectionSettingsAccessor">Options accessor resolved from dependency injection.</param>
public MasterKeyProvider(IOptions<DataProtectionSettings> dataProtectionSettingsAccessor)
{
    // The value is read once here and stored; it is not re-read from the accessor later.
    DataProtectionSettings resolvedSettings = dataProtectionSettingsAccessor.Value;
    _dataProtectionSettings = resolvedSettings;
}