/// <summary>
/// Registers ASP.NET Core data protection and selects where the key ring is persisted.
/// </summary>
/// <remarks>
/// The first matching store wins, in this order: Redis (when enabled and configured to hold the keys),
/// Azure Blob Storage (same condition, optionally wrapped by Azure Key Vault), otherwise a local directory.
/// Only the Azure branch with <c>DataProtectionKeysEncryptWithVault</c> set calls a ProtectKeysWith* method;
/// the other paths register a persistence location only.
/// </remarks>
/// <param name="services">Collection of service descriptors</param>
public static void AddNopDataProtection(this IServiceCollection services)
{
    // A temporary provider is built from the registrations made so far, solely to read AppSettings.
    // NOTE(review): this provider is never disposed here, and anything it instantiates is separate
    // from the application's final container - confirm AppSettings is safe to resolve this way.
    var appSettings = services.BuildServiceProvider().GetRequiredService<AppSettings>();

    var keysGoToRedis = appSettings.RedisConfig.Enabled && appSettings.RedisConfig.StoreDataProtectionKeys;
    if (keysGoToRedis)
    {
        // Data protection is configured before the application's service provider exists, so the
        // connection wrapper cannot come from DI; a RedisConnectionWrapper is created by hand each
        // time the factory delegate runs.
        // NOTE(review): no ProtectKeysWith* call is made on this branch, so the key ring is presumably
        // stored in Redis without at-rest encryption - access to that Redis database should be
        // restricted accordingly (authentication, network isolation, TLS).
        services.AddDataProtection().PersistKeysToStackExchangeRedis(
            () => new RedisConnectionWrapper(appSettings)
                .GetDatabase(appSettings.RedisConfig.DatabaseId ?? (int)RedisDatabaseNumber.DataProtectionKeys),
            NopDataProtectionDefaults.RedisDataProtectionKey);
        return;
    }

    var keysGoToAzureBlob = appSettings.AzureBlobConfig.Enabled && appSettings.AzureBlobConfig.StoreDataProtectionKeys;
    if (!keysGoToAzureBlob)
    {
        // Fallback: persist the key ring to the mapped application directory.
        // NOTE(review): no ProtectKeysWith* call is made here either; the folder's file-system
        // permissions are the only visible protection, and it should not be web-servable or
        // included in shared backups without review.
        var keysDirectory = new System.IO.DirectoryInfo(
            CommonHelper.DefaultFileProvider.MapPath(NopDataProtectionDefaults.DataProtectionKeysPath));
        services.AddDataProtection().PersistKeysToFileSystem(keysDirectory);
        return;
    }

    // Azure Blob Storage: the key ring lives in a single blob inside the configured container.
    // The connection string is a credential; it is read from AppSettings and never logged here.
    var blobContainer = CloudStorageAccount
        .Parse(appSettings.AzureBlobConfig.ConnectionString)
        .CreateCloudBlobClient()
        .GetContainerReference(appSettings.AzureBlobConfig.DataProtectionKeysContainerName);

    var builder = services.AddDataProtection()
        .PersistKeysToAzureBlobStorage(blobContainer, NopDataProtectionDefaults.AzureDataProtectionKeyFile);

    if (appSettings.AzureBlobConfig.DataProtectionKeysEncryptWithVault)
    {
        // Wrap the persisted keys with the Key Vault key named by DataProtectionKeysVaultId.
        // The token provider is created without arguments, so it authenticates with whatever
        // identity the hosting environment supplies - TODO confirm that identity is scoped to
        // the wrap/unwrap operations on this one vault key.
        var tokenProvider = new AzureServiceTokenProvider();
        var vaultClient = new KeyVaultClient(
            new KeyVaultClient.AuthenticationCallback(tokenProvider.KeyVaultTokenCallback));
        builder.ProtectKeysWithAzureKeyVault(vaultClient, appSettings.AzureBlobConfig.DataProtectionKeysVaultId);
    }
    // When the vault flag is off, the blob holds the key ring without Key Vault wrapping;
    // container access policy is then the controlling safeguard.
}