Пример #1
0
        private static IConfiguration BuildAppConfiguration(IConfigurationBuilder builder, WebHostBuilderContext hostingContext)
        {
            var            environment   = hostingContext.HostingEnvironment;
            IConfiguration configuration = builder.Build();

            if (environment.IsDevelopment())
            {
                builder.AddUserSecrets(Assembly.Load(new AssemblyName(environment.ApplicationName)), optional: true);
            }

            // TODO : Work out why the instrumentation key below is ignored, the correct instrumentation key seems to be only
            // set if it is present in the appsettings.json or is passed to the overloaded extensions method on IWebHostBuilder called UseApplicationInsights.
            var applicationInsightsSettings = new ApplicationInsightsSettings();

            configuration.BindOrThrow("ApplicationInsights", applicationInsightsSettings);
            builder.AddApplicationInsightsSettings(developerMode: environment.IsDevelopment(), instrumentationKey: applicationInsightsSettings.InstrumentationKey);

            KeyVaultSettings keyVaultSettings = new KeyVaultSettings();

            configuration.BindOrThrow("KeyVaultSettings", keyVaultSettings);

            builder.AddAzureKeyVault(
                keyVaultSettings.DnsName,
                keyVaultSettings.AppUserClientId,
                keyVaultSettings.AppUserClientSecret);

            return(configuration);
        }
 public void Run(IConfigurationBuilder configBuilder, IServiceCollection services, IConfigurationRoot localConfig)
 {
     if (env.IsEnvironment("Development"))
     {
         configBuilder.AddApplicationInsightsSettings();
     }
 }
        /// <summary>
        /// Configures the application.
        /// </summary>
        /// <param name="builder">The <see cref="IConfigurationBuilder"/> to configure.</param>
        /// <param name="context">The <see cref="HostBuilderContext"/> to use.</param>
        /// <returns>
        /// The <see cref="IConfigurationBuilder"/> passed as the value of <paramref name="builder"/>.
        /// </returns>
        public static IConfigurationBuilder ConfigureApplication(this IConfigurationBuilder builder, HostBuilderContext context)
        {
            builder.AddApplicationInsightsSettings(developerMode: context.HostingEnvironment.IsDevelopment());

            // Build the configuration so far
            IConfiguration config = builder.Build();

            // Get the settings for Azure Key Vault
            string vault        = config["AzureKeyVault:Uri"];
            string clientId     = config["AzureKeyVault:ClientId"];
            string clientSecret = config["AzureKeyVault:ClientSecret"];

            // Can Managed Service Identity be used instead of direct Key Vault integration?
            bool canUseMsi =
                !string.Equals(config["WEBSITE_DISABLE_MSI"], bool.TrueString, StringComparison.OrdinalIgnoreCase) &&
                !string.IsNullOrEmpty(config["MSI_ENDPOINT"]) &&
                !string.IsNullOrEmpty(config["MSI_SECRET"]);

            bool canUseKeyVault =
                !string.IsNullOrEmpty(vault) &&
                (canUseMsi || (!string.IsNullOrEmpty(clientId) && !string.IsNullOrEmpty(clientSecret)));

            if (canUseKeyVault)
            {
                var manager = new AzureEnvironmentSecretManager(config.AzureEnvironment());

                if (canUseMsi)
                {
#pragma warning disable CA2000
                    var provider = new AzureServiceTokenProvider();
                    var client   = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(provider.KeyVaultTokenCallback));
                    builder.AddAzureKeyVault(vault, client, manager);
#pragma warning restore CA2000
                }
                else
                {
                    builder.AddAzureKeyVault(
                        vault,
                        clientId,
                        clientSecret,
                        manager);
                }
            }

            return(builder);
        }
Пример #4
0
        /// <summary>
        /// Configures the application.
        /// </summary>
        /// <param name="builder">The <see cref="IConfigurationBuilder"/> to configure.</param>
        /// <param name="context">The <see cref="HostBuilderContext"/> to use.</param>
        /// <returns>
        /// The <see cref="IConfigurationBuilder"/> passed as the value of <paramref name="builder"/>.
        /// </returns>
        public static IConfigurationBuilder ConfigureApplication(this IConfigurationBuilder builder, HostBuilderContext context)
        {
            builder.AddApplicationInsightsSettings(developerMode: context.HostingEnvironment.IsDevelopment());

            // Build the configuration so far
            IConfiguration config = builder.Build();

            // Get the settings for Azure Key Vault
            string vault        = config["AzureKeyVault:Uri"];
            string clientId     = config["AzureKeyVault:ClientId"];
            string clientSecret = config["AzureKeyVault:ClientSecret"];
            string tenantId     = config["AzureKeyVault:TenantId"];

            // Can Managed Service Identity be used instead of direct Key Vault integration?
            bool canUseMsi =
                !string.Equals(config["WEBSITE_DISABLE_MSI"], bool.TrueString, StringComparison.OrdinalIgnoreCase) &&
                !string.IsNullOrEmpty(config["MSI_ENDPOINT"]) &&
                !string.IsNullOrEmpty(config["MSI_SECRET"]);

            bool canUseKeyVault =
                !string.IsNullOrEmpty(vault) &&
                (canUseMsi || (!string.IsNullOrEmpty(clientId) && !string.IsNullOrEmpty(clientSecret) && !string.IsNullOrEmpty(tenantId)));

            if (canUseKeyVault)
            {
                var             manager = new AzureEnvironmentSecretManager(config.AzureEnvironment());
                TokenCredential credential;

                if (canUseMsi)
                {
                    credential = new ManagedIdentityCredential();
                }
                else
                {
                    credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
                }

                builder.AddAzureKeyVault(new Uri(vault), credential, manager);
            }

            return(builder);
        }
 public static IConfigurationBuilder AddApplicationInsightsSettings(this IConfigurationBuilder configurationSourceRoot, bool?developerMode = null, string endpointAddress = null, string instrumentationKey = null)
 => configurationSourceRoot.AddApplicationInsightsSettings(connectionString: null, developerMode: developerMode, endpointAddress: endpointAddress, instrumentationKey: instrumentationKey);