Пример #1
 /// <summary>
 /// Creates the controller and keeps references to its three injected collaborators.
 /// </summary>
 /// <param name="x509Provider">Provider stored in <c>_x509Provider</c>.</param>
 /// <param name="secretsStore">Secrets store stored in <c>_secretsStore</c>.</param>
 /// <param name="userInfoService">User-info service stored in <c>_userInfoService</c>.</param>
 public AuthorizationController(
     IX509Provider x509Provider,
     ISecretsStore secretsStore,
     IUserInfoService userInfoService)
 {
     // No validation happens here: a null dependency only surfaces when it is first used.
     this._userInfoService = userInfoService;
     this._secretsStore = secretsStore;
     this._x509Provider = x509Provider;
 }
Пример #2
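        // This method gets called by the runtime. Use this method to add services to the container.
        //
        // It picks the secrets/certificate backends from the "Secrets:Provider" setting, registers
        // IdentityServer with in-memory resources and clients, and loads the token-signing
        // certificate described by the "SigningCredential" section.
        //
        // Throws System.InvalidOperationException when the "SigningCredential" section is missing.
        public void ConfigureServices(IServiceCollection services)
        {
            var secretsConfig       = Configuration.GetSection("Secrets");
            var secretsProviderName = secretsConfig.GetValue <string>("Provider");
            ICertificateStore certificatesStore;
            ISecretsStore     secretsStore;

            switch (secretsProviderName)
            {
            case "aws_ssm_parameter":
                secretsStore      = new AwsSsmParameterSecretsStore(secretsConfig.Get <AwsSsmParameterSecretStoreConfiguration>());
                certificatesStore = new SecretsCertificateStore(secretsStore);
                break;

            default:
                // NOTE(review): every other value, including a missing or misspelled "Provider",
                // lands here without any log or error and selects PassThruSecretStore plus
                // certificate files under the process working directory. Presumably this is the
                // local-development fallback; confirm production deployments cannot reach it
                // by accident, since a configuration typo would silently change where secrets
                // and the signing certificate come from.
                secretsStore      = new PassThruSecretStore();
                certificatesStore = new FileCertificateStore(Directory.GetCurrentDirectory());
                break;
            }
            ICertificatesProvider certificatesProvider = new CertificatesProvider(certificatesStore, secretsStore);

            services.AddSingleton <ICertificatesProvider>(certificatesProvider);

            var builder = services.AddIdentityServer()
                          .AddInMemoryIdentityResources(AuthenticationServiceConfiguration.GetIdentityResources())
                          .AddInMemoryApiResources(AuthenticationServiceConfiguration.GetApis())
                          .AddInMemoryClients(AuthenticationServiceConfiguration.GetClients())
                          .AddResourceOwnerValidator <ResourceOwnerValidator>()
                          .AddCorsPolicyService <CorsPolicyService>();

            services.AddSingleton <IAuthenticationService, AuthenticationService>();

            // Configure the certificate used to sign OAuth2 tokens.
            var signingCredentialConfig = Configuration.GetSection("SigningCredential").Get <CertificateConfigurationData>();

            // Fail with a clear message instead of a NullReferenceException when the section is
            // absent. The message names only the section, never the configured path or password.
            if (signingCredentialConfig == null)
            {
                throw new System.InvalidOperationException(
                    "The 'SigningCredential' configuration section is missing; a signing certificate is required to issue tokens.");
            }

            // ConfigureServices is synchronous, so the load has to block. GetAwaiter().GetResult()
            // rethrows the original exception instead of wrapping it in an AggregateException,
            // which keeps startup failures readable.
            // NOTE(review): Password is read from configuration; presumably it is resolved through
            // the selected secrets store inside the provider — confirm it is not a plaintext value
            // when the pass-through store is in use.
            var signingCredential = certificatesProvider
                                    .GetCertificateAsync(signingCredentialConfig.Path, signingCredentialConfig.Password)
                                    .GetAwaiter()
                                    .GetResult();

            builder.AddSigningCredential(signingCredential);

            // services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
        }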
        /// <summary>
        /// Initializes a new instance of the <see cref="KeyVaultCryptoActions"/> class.
        /// Only stores its arguments; the instance is left flagged as not initialized.
        /// </summary>
        /// <param name="encryptionCertInfo">Import details for the encryption certificate.</param>
        /// <param name="decryptionCertInfo">Import details for the decryption certificate.</param>
        /// <param name="signCertInfo">Import details for the signing certificate.</param>
        /// <param name="verifyCertInfo">Import details for the verification certificate.</param>
        /// <param name="privateKv">Store holding private keys; used for decryption and signing.</param>
        /// <param name="publicKv">Store holding only public keys; used for encryption and verifying.</param>
        public KeyVaultCryptoActions(
            CertificateInfo encryptionCertInfo,
            CertificateInfo decryptionCertInfo,
            CertificateInfo signCertInfo,
            CertificateInfo verifyCertInfo,
            ISecretsStore privateKv,
            ISecretsStore publicKv)
        {
            // Stays false here because the EncryptionHelper is set up in a later step.
            m_isInit = false;

            // Private-key and public-key material are kept in separate stores.
            m_publicKeyVault = publicKv;
            m_privateKeyVault = privateKv;

            m_verifyCertInfo = verifyCertInfo;
            m_signCertInfo = signCertInfo;
            m_decryptionCertInfo = decryptionCertInfo;
            m_encryptionCertInfo = encryptionCertInfo;
        }
Пример #4
 /// <summary>
 /// Creates a provider that keeps the given certificate store and secrets store for later use.
 /// </summary>
 /// <param name="certificatesStore">Certificate store assigned to the <c>certificatesStore</c> field.</param>
 /// <param name="secretsStore">Secrets store assigned to the <c>secretsStore</c> field.</param>
 public CertificatesProvider(ICertificateStore certificatesStore, ISecretsStore secretsStore)
 {
     // Neither argument is validated; both are stored as given.
     this.secretsStore = secretsStore;
     this.certificatesStore = certificatesStore;
 }
Пример #5
 /// <summary>
 /// Creates a certificate store that keeps a reference to the given secrets store.
 /// </summary>
 /// <param name="secretsStore">Secrets store assigned to the <c>secretsStore</c> field, without validation.</param>
 public SecretsCertificateStore(ISecretsStore secretsStore) => this.secretsStore = secretsStore;
 /// <summary>
 /// Creates the controller and keeps the injected secrets store.
 /// </summary>
 /// <param name="secretsStore">Secrets store assigned to <c>_secretsStore</c>, without validation.</param>
 public HomeController(ISecretsStore secretsStore)
 {
     this._secretsStore = secretsStore;
 }
Пример #7
 /// <summary>
 /// Constructs an <c>EthereumAccount</c> bound to a key store and an Ethereum node.
 /// </summary>
 /// <param name="database">The store which holds the clients' private keys.</param>
 /// <param name="nodeUrl">
 /// The Ethereum node URL. When null or empty, the parameterless <c>Web3</c> constructor is used,
 /// which the original documentation describes as the local Ethereum testnet.
 /// </param>
 public EthereumAccount(ISecretsStore database, string nodeUrl = "")
 {
     m_db = database;

     // NOTE(review): nodeUrl is handed to Web3 unchanged, with no scheme or host check here;
     // confirm callers only supply a trusted endpoint.
     if (string.IsNullOrEmpty(nodeUrl))
     {
         m_web3 = new Web3();
     }
     else
     {
         m_web3 = new Web3(nodeUrl);
     }
 }