Пример #1
0
        private static void ConfigureEnvironment(IHostEnvironment hostingEnvironment, IConfigurationBuilder configurationBuilder)
        {
            var configurationRoot = configurationBuilder.Build();

            configurationRoot = configurationBuilder
                                .AddConfigurationService()
                                .Build(); // refresh configuration root to get configuration service settings

            var keyVaultName = configurationRoot["KeyVaultName"];

            if (!string.IsNullOrEmpty(keyVaultName))
            {
                // we use the managed identity of the service to authenticate at the KeyVault

                var azureServiceTokenProvider = new AzureServiceTokenProvider();

                using var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));

                configurationBuilder.AddAzureKeyVault($"https://{keyVaultName}.vault.azure.net/", keyVaultClient, new DefaultKeyVaultSecretManager());
            }
            else if (hostingEnvironment.IsDevelopment())
            {
                // for development we use the local secret store as a fallback if not KeyVaultName is provided
                // see: https://docs.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-3.1

                configurationBuilder.AddUserSecrets <Startup>();
            }
        }
Пример #2
0
        private static IConfigurationBuilder ConfigureEnvironment(IHostEnvironment hostingEnvironment, IConfigurationBuilder configurationBuilder)
        {
            var configurationRoot    = configurationBuilder.Build();
            var configurationService = configurationRoot.GetConnectionString("ConfigurationService");

            if (!string.IsNullOrEmpty(configurationService))
            {
                // the configuration service connection string can either be an Azure App Configuration
                // service connection string or a file uri that points to a local settings file.

                configurationRoot = configurationBuilder
                                    .AddConfigurationService(configurationService, true)
                                    .Build(); // refresh configuration root to get configuration service settings
            }

            var keyVaultName = configurationRoot["KeyVaultName"];

            if (!string.IsNullOrEmpty(keyVaultName))
            {
#pragma warning disable CA2000 // Dispose objects before losing scope

                // we use the managed identity of the service to authenticate at the KeyVault

                var azureServiceTokenProvider = new AzureServiceTokenProvider();

                var keyVaultClient = new KeyVaultClient(
                    new KeyVaultClient.AuthenticationCallback(
                        azureServiceTokenProvider.KeyVaultTokenCallback));

                //configurationBuilder.AddAzureKeyVault(
                //    $"https://{keyVaultName}.vault.azure.net/",
                //    keyVaultClient,
                //    new DefaultKeyVaultSecretManager());

#pragma warning restore CA2000 // Dispose objects before losing scope
            }
            else if (hostingEnvironment.IsDevelopment())
            {
                // for development we use the local secret store as a fallback if not KeyVaultName is provided
                // see: https://docs.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-3.1

                configurationBuilder.AddUserSecrets <Startup>();
            }

            return(configurationBuilder);
        }