From 850ce33edf28b10a08a4f8eaefc3e89f53805f00 Mon Sep 17 00:00:00 2001
From: Pavel Krymets
Date: Fri, 2 Mar 2018 14:59:28 -0800
Subject: [PATCH] Remove keyvault hosting startup (#159)
---
AzureIntegration.sln | 7 -
...Core.AzureAppServices.SiteExtension.csproj | 1 -
.../applicationHost.xdt | 4 +-
...zureAppServicesHostingStartupSample.csproj | 1 -
.../Startup.cs | 14 --
.../Properties/launchSettings.json | 2 +-
.../AssemblyInfo.cs | 6 -
.../AzureKeyVaultHostingStartup.cs | 93 -----------
...etCore.AzureKeyVault.HostingStartup.csproj | 24 ---
.../TransformTest.cs | 6 +-
.../HostingStartupTests.cs | 144 ------------------
...e.AzureAppServicesIntegration.Tests.csproj | 1 -
12 files changed, 5 insertions(+), 298 deletions(-)
delete mode 100644 src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AssemblyInfo.cs
delete mode 100644 src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AzureKeyVaultHostingStartup.cs
delete mode 100644 src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/Microsoft.AspNetCore.AzureKeyVault.HostingStartup.csproj
delete mode 100644 test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/HostingStartupTests.cs
diff --git a/AzureIntegration.sln b/AzureIntegration.sln
index c67ddfd03c..5ef2360204 100644
--- a/AzureIntegration.sln
+++ b/AzureIntegration.sln
@@ -54,8 +54,6 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Extensions.Applic EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.AspNetCore.Runtime.SiteExtension", "extensions\Microsoft.AspNetCore.Runtime.SiteExtension\Microsoft.AspNetCore.Runtime.SiteExtension.csproj", "{E1E9BC7A-6951-4B60-8DFB-DBB9AC3CDEB0}" EndProject -Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.AspNetCore.AzureKeyVault.HostingStartup", "src\Microsoft.AspNetCore.AzureKeyVault.HostingStartup\Microsoft.AspNetCore.AzureKeyVault.HostingStartup.csproj", "{4B471CD7-4A15-4C42-B7B7-0A1C8BA2FDBA}" -EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -126,10 +124,6 @@ Global {E1E9BC7A-6951-4B60-8DFB-DBB9AC3CDEB0}.Debug|Any CPU.Build.0 = Debug|Any CPU {E1E9BC7A-6951-4B60-8DFB-DBB9AC3CDEB0}.Release|Any CPU.ActiveCfg = Release|Any CPU {E1E9BC7A-6951-4B60-8DFB-DBB9AC3CDEB0}.Release|Any CPU.Build.0 = Release|Any CPU - {4B471CD7-4A15-4C42-B7B7-0A1C8BA2FDBA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {4B471CD7-4A15-4C42-B7B7-0A1C8BA2FDBA}.Debug|Any CPU.Build.0 = Debug|Any CPU - {4B471CD7-4A15-4C42-B7B7-0A1C8BA2FDBA}.Release|Any CPU.ActiveCfg = Release|Any CPU - {4B471CD7-4A15-4C42-B7B7-0A1C8BA2FDBA}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -151,7 +145,6 @@ Global {F0CABFE8-A5B1-487B-A451-A486D26742D3} = {FF9B744E-6C59-40CC-9E41-9D2EBD292435} {15664836-2B94-4D2D-AC18-6DED01FCCCBD} = {CD650B4B-81C2-4A44-AEF2-A251A877C1F0} {E1E9BC7A-6951-4B60-8DFB-DBB9AC3CDEB0} = {FF9B744E-6C59-40CC-9E41-9D2EBD292435} - {4B471CD7-4A15-4C42-B7B7-0A1C8BA2FDBA} = {FF9B744E-6C59-40CC-9E41-9D2EBD292435} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {5743DFE7-1AA5-439D-84AE-A480EA389927} 
diff --git a/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/Microsoft.AspNetCore.AzureAppServices.SiteExtension.csproj b/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/Microsoft.AspNetCore.AzureAppServices.SiteExtension.csproj index 57e70de196..725847a797 100644 --- a/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/Microsoft.AspNetCore.AzureAppServices.SiteExtension.csproj +++ b/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/Microsoft.AspNetCore.AzureAppServices.SiteExtension.csproj @@ -22,7 +22,6 @@ - diff --git a/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/applicationHost.xdt b/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/applicationHost.xdt index c1fc50511f..7078c4f254 100644 --- a/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/applicationHost.xdt +++ b/extensions/Microsoft.AspNetCore.AzureAppServices.SiteExtension/applicationHost.xdt @@ -7,9 +7,9 @@ - + - + diff --git a/sample/AzureAppServicesHostingStartupSample/AzureAppServicesHostingStartupSample.csproj b/sample/AzureAppServicesHostingStartupSample/AzureAppServicesHostingStartupSample.csproj index 1dbc9a13ef..02512aaff6 100644 --- a/sample/AzureAppServicesHostingStartupSample/AzureAppServicesHostingStartupSample.csproj +++ b/sample/AzureAppServicesHostingStartupSample/AzureAppServicesHostingStartupSample.csproj @@ -13,7 +13,6 @@ - diff --git a/sample/AzureAppServicesHostingStartupSample/Startup.cs b/sample/AzureAppServicesHostingStartupSample/Startup.cs index 0b4afdb3da..1a91822bc1 100644 --- a/sample/AzureAppServicesHostingStartupSample/Startup.cs +++ b/sample/AzureAppServicesHostingStartupSample/Startup.cs 
@@ -1,21 +1,14 @@ using System; using System.Linq; using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; -using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; namespace IISSample { public class Startup { - public void ConfigureServices(IServiceCollection services) - { - services.AddDataProtection(); - } - public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory) { var logger = loggerfactory.CreateLogger("Requests"); @@ -62,13 +55,6 @@ namespace IISSample await context.Response.WriteAsync(key + ": " + value + Environment.NewLine); } await context.Response.WriteAsync(Environment.NewLine); - - var protectorProvider = context.RequestServices.GetService(); - var protector = protectorProvider.CreateProtector("Purpose"); - - await context.Response.WriteAsync("Protected Query: " + protector.Protect(context.Request.QueryString.Value) + Environment.NewLine); - await context.Response.WriteAsync(Environment.NewLine); - }); } diff --git a/sample/AzureAppServicesSample/Properties/launchSettings.json b/sample/AzureAppServicesSample/Properties/launchSettings.json index 5ff7428dc8..93ebc1db03 100644 --- a/sample/AzureAppServicesSample/Properties/launchSettings.json +++ b/sample/AzureAppServicesSample/Properties/launchSettings.json @@ -3,7 +3,7 @@ "windowsAuthentication": false, "anonymousAuthentication": true, "iisExpress": { - "applicationUrl": "http://localhost:22071/", + "applicationUrl": "http://localhost:64358/", "sslPort": 0 } }, diff --git a/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AssemblyInfo.cs b/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AssemblyInfo.cs deleted file mode 100644 index 6852ee94a9..0000000000 --- a/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AssemblyInfo.cs +++ /dev/null 
@@ -1,6 +0,0 @@ -// Copyright (c) .NET Foundation. All rights reserved. -// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. - -using System.Runtime.CompilerServices; - -[assembly: InternalsVisibleTo("Microsoft.AspNetCore.AzureAppServicesIntegration.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100f33a29044fa9d740c9b3213a93e57c84b472c84e0b8a0e1ae48e67a9f8f6de9d5f7f3d52ac23e48ac51801f1dc950abe901da34d2a9e3baadb141a17c77ef3c565dd5ee5054b91cf63bb3c6ab83f72ab3aafe93d0fc3c2348b764fafb0b1c0733de51459aeab46580384bf9d74c4e28164b7cde247f891ba07891c9d872ad2bb")] diff --git a/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AzureKeyVaultHostingStartup.cs b/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AzureKeyVaultHostingStartup.cs deleted file mode 100644 index a8ca57cedd..0000000000 --- a/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/AzureKeyVaultHostingStartup.cs +++ /dev/null 
@@ -1,93 +0,0 @@ -// Copyright (c) .NET Foundation. All rights reserved. -// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. - -using System; -using System.IO; -using Microsoft.AspNetCore.DataProtection; -using Microsoft.AspNetCore.Hosting; -using Microsoft.Azure.KeyVault; -using Microsoft.Azure.Services.AppAuthentication; -using Microsoft.Extensions.Configuration; -using Microsoft.Extensions.Configuration.AzureKeyVault; -using Microsoft.Extensions.DependencyInjection; - -[assembly: HostingStartup(typeof(Microsoft.AspNetCore.AzureKeyVault.HostingStartup.AzureKeyVaultHostingStartup))] - -namespace Microsoft.AspNetCore.AzureKeyVault.HostingStartup -{ - /// - /// A dynamic KeyVault lightup experience - /// - public class AzureKeyVaultHostingStartup : IHostingStartup - { - private const string HostingStartupName = "KeyVault"; - private const string ConfigurationFeatureName = "ConfigurationEnabled"; - private const string ConfigurationVaultName = "ConfigurationVault"; - private const string DataProtectionFeatureName = "DataProtectionEnabled"; - private const string DataProtectionKeyName = "DataProtectionKey"; - - /// - public void Configure(IWebHostBuilder builder) - { - var azureServiceTokenProvider = new AzureServiceTokenProvider(); - var authenticationCallback = new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback); - var keyVaultClient = new KeyVaultClient(authenticationCallback); - - var baseConfiguration = HostingStartupConfigurationExtensions.GetBaseConfiguration(); - - builder.ConfigureServices((context, collection) => - { - var configuration = new ConfigurationBuilder() - .AddConfiguration(baseConfiguration) - .AddConfiguration(context.Configuration) - .Build(); - - if (configuration.IsEnabled(HostingStartupName, DataProtectionFeatureName) && - configuration.TryGetOption(HostingStartupName, DataProtectionKeyName, out var protectionKey)) - { - 
AddDataProtection(collection, keyVaultClient, protectionKey); - } - }); - - if (baseConfiguration.IsEnabled(HostingStartupName, ConfigurationFeatureName) && - baseConfiguration.TryGetOption(HostingStartupName, ConfigurationVaultName, out var vault)) - { - builder.ConfigureAppConfiguration((context, configurationBuilder) => - { - AddConfiguration(configurationBuilder, keyVaultClient, vault); - }); - } - } - - internal virtual void AddDataProtection(IServiceCollection serviceCollection, KeyVaultClient client, string protectionKey) - { - // Duplicates functionality from GetKeyStorageDirectoryForAzureWebSites in DataProtection - // to detect key storage location when running on Azure - // because you are not alowed to set IXmlEncryptor without setting IXmlRepository - - // Check that we are running in Azure AppServices - var siteId = Environment.GetEnvironmentVariable("WEBSITE_INSTANCE_ID"); - if (string.IsNullOrWhiteSpace(siteId)) - { - return; - } - - var home = Environment.GetEnvironmentVariable("HOME"); - if (string.IsNullOrWhiteSpace(home)) - { - return; - } - - var keyLocation = new DirectoryInfo(Path.Combine(home, "ASP.NET", "DataProtection-Keys")); - - serviceCollection.AddDataProtection() - .ProtectKeysWithAzureKeyVault(client, protectionKey) - .PersistKeysToFileSystem(keyLocation); - } - - internal virtual void AddConfiguration(IConfigurationBuilder configurationBuilder, KeyVaultClient client, string keyVault) - { - configurationBuilder.AddAzureKeyVault(keyVault, client, new DefaultKeyVaultSecretManager()); - } - } -} diff --git a/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/Microsoft.AspNetCore.AzureKeyVault.HostingStartup.csproj b/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/Microsoft.AspNetCore.AzureKeyVault.HostingStartup.csproj deleted file mode 100644 index 5dbd2a214f..0000000000 --- a/src/Microsoft.AspNetCore.AzureKeyVault.HostingStartup/Microsoft.AspNetCore.AzureKeyVault.HostingStartup.csproj +++ /dev/null 
@@ -1,24 +0,0 @@ - - - - - - ASP.NET Core lightup integration with Azure KeyVault. - netcoreapp2.1;netcoreapp2.0;net461 - true - aspnetcore;azure;appservices - - - - - - - - - - - - - - - diff --git a/test/Microsoft.AspNetCore.AzureAppServices.SiteExtension.Tests/TransformTest.cs b/test/Microsoft.AspNetCore.AzureAppServices.SiteExtension.Tests/TransformTest.cs index 7e1d0b47aa..98d295b50d 100644 --- a/test/Microsoft.AspNetCore.AzureAppServices.SiteExtension.Tests/TransformTest.cs +++ b/test/Microsoft.AspNetCore.AzureAppServices.SiteExtension.Tests/TransformTest.cs @@ -32,7 +32,6 @@ namespace Microsoft.AspNetCore.AzureAppServices.SiteExtension Assert.Equal("add", depsElement.Name); Assert.Equal("DOTNET_ADDITIONAL_DEPS", depsElement.Attributes["name"].Value); Assert.Equal($@"{XdtExtensionPath}\additionalDeps\Microsoft.AspNetCore.AzureAppServices.HostingStartup\;" + - $@"{XdtExtensionPath}\additionalDeps\Microsoft.AspNetCore.AzureKeyVault.HostingStartup\;" + @"%ProgramFiles%\dotnet\additionalDeps\Microsoft.AspNetCore.AzureAppServices.HostingStartup\", depsElement.Attributes["value"].Value); @@ -44,7 +43,7 @@ namespace Microsoft.AspNetCore.AzureAppServices.SiteExtension var startupAssembliesElement = sharedStoreElement.NextSibling; Assert.Equal("add", startupAssembliesElement.Name); Assert.Equal("ASPNETCORE_HOSTINGSTARTUPASSEMBLIES", startupAssembliesElement.Attributes["name"].Value); - Assert.Equal("Microsoft.AspNetCore.AzureAppServices.HostingStartup;Microsoft.AspNetCore.AzureKeyVault.HostingStartup", startupAssembliesElement.Attributes["value"].Value); + Assert.Equal("Microsoft.AspNetCore.AzureAppServices.HostingStartup", startupAssembliesElement.Attributes["value"].Value); } [Fact] 
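Review bot: The new expectation for `ASPNETCORE_HOSTINGSTARTUPASSEMBLIES` in the second TransformTest.cs hunk pins the value without the KeyVault assembly, but nothing in the commit documents what this means for sites that had set `ASPNETCORE_HostingStartup__KeyVault__DataProtectionEnabled` or `ASPNETCORE_HostingStartup__KeyVault__ConfigurationEnabled`. Once the assembly is no longer listed, those settings appear to have no consumer, so such a site would presumably start without the Key Vault configuration source and without the key wrapping that the removed `ProtectKeysWithAzureKeyVault` call provided, and with no startup error to signal it. Keys already persisted under `%HOME%\ASP.NET\DataProtection-Keys` with that wrapping may also become unreadable unless the app references the Key Vault data-protection package itself; this is inferred from the deleted `AddDataProtection` method and should be confirmed. I would add a comment above the assertion, for example `// KeyVault hosting startup removed (#159): apps must configure Key Vault configuration and key protection themselves`, and call the change out in the release notes. The same comment applies to the matching assertions in the two TransformTest.cs hunks that follow.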
@@ -64,7 +63,6 @@ namespace Microsoft.AspNetCore.AzureAppServices.SiteExtension Assert.Equal("DOTNET_ADDITIONAL_DEPS", depsElement.Attributes["name"].Value); Assert.Equal(@"ExistingValue1;"+ $@"{XdtExtensionPath}\additionalDeps\Microsoft.AspNetCore.AzureAppServices.HostingStartup\;" + - $@"{XdtExtensionPath}\additionalDeps\Microsoft.AspNetCore.AzureKeyVault.HostingStartup\;" + @"%ProgramFiles%\dotnet\additionalDeps\Microsoft.AspNetCore.AzureAppServices.HostingStartup\", depsElement.Attributes["value"].Value); @@ -76,7 +74,7 @@ namespace Microsoft.AspNetCore.AzureAppServices.SiteExtension var startupAssembliesElement = sharedStoreElement.NextSibling; Assert.Equal("add", startupAssembliesElement.Name); Assert.Equal("ASPNETCORE_HOSTINGSTARTUPASSEMBLIES", startupAssembliesElement.Attributes["name"].Value); - Assert.Equal("ExistingValue2;Microsoft.AspNetCore.AzureAppServices.HostingStartup;Microsoft.AspNetCore.AzureKeyVault.HostingStartup", startupAssembliesElement.Attributes["value"].Value); + Assert.Equal("ExistingValue2;Microsoft.AspNetCore.AzureAppServices.HostingStartup", startupAssembliesElement.Attributes["value"].Value); } private static XmlDocument LoadDocAndRunTransform(string docName) diff --git a/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/HostingStartupTests.cs b/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/HostingStartupTests.cs deleted file mode 100644 index 62bd412f41..0000000000 --- a/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/HostingStartupTests.cs +++ /dev/null 
@@ -1,144 +0,0 @@ -// Copyright (c) .NET Foundation. All rights reserved. -// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. - -using System; -using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.TestHost; -using Microsoft.Azure.KeyVault; -using Microsoft.Extensions.Configuration; -using Microsoft.Extensions.DependencyInjection; -using Xunit; - -namespace Microsoft.AspNetCore.AzureKeyVault.HostingStartup.Tests -{ - public class HostinStartupTests - { - [Fact] - public void Configure_AddsDataProtection() - { - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__DataProtectionEnabled", null); - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__DataProtectionKey", "http://vault"); - - var callbackCalled = false; - var builder = new WebHostBuilder().Configure(app => { }); - var mockHostingStartup = new MockAzureKeyVaultHostingStartup( - (collection, client, key) => - { - callbackCalled = true; - Assert.NotNull(collection); - Assert.NotNull(client); - Assert.Equal("http://vault", key); - }, - (configurationBuilder, client, vault) => {} - ); - - mockHostingStartup.Configure(builder); - var _ = new TestServer(builder); - - Assert.True(callbackCalled); - } - - [Theory] - [InlineData("0")] - [InlineData("FALSE")] - [InlineData("false")] - public void Configure_SkipsAddsDataProtection_IfDisabled(string value) - { - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__DataProtectionEnabled", value); - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__DataProtectionKey", "http://vault"); - - var callbackCalled = false; - var builder = new WebHostBuilder().Configure(app => { }); - var mockHostingStartup = new MockAzureKeyVaultHostingStartup( - (collection, client, key) => - { - callbackCalled = true; - }, - (configurationBuilder, client, vault) => {} - ); - - 
mockHostingStartup.Configure(builder); - var _ = new TestServer(builder); - - Assert.False(callbackCalled); - } - - [Fact] - public void Configure_AddsConfiguration() - { - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__ConfigurationEnabled", null); - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__ConfigurationVault", "http://vault"); - - var callbackCalled = false; - var builder = new WebHostBuilder().Configure(app => { }); - - var mockHostingStartup = new MockAzureKeyVaultHostingStartup( - (collection, client, key) => { }, - (configurationBuilder, client, vault) => - { - callbackCalled = true; - Assert.NotNull(configurationBuilder); - Assert.NotNull(client); - Assert.Equal("http://vault", vault); - } - ); - - mockHostingStartup.Configure(builder); - var _ = new TestServer(builder); - - Assert.True(callbackCalled); - } - - [Theory] - [InlineData("0")] - [InlineData("FALSE")] - [InlineData("false")] - public void Configure_SkipsConfiguration_IfDisabled(string value) - { - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__ConfigurationEnabled", value); - Environment.SetEnvironmentVariable("ASPNETCORE_HostingStartup__KeyVault__ConfigurationVault", "http://vault"); - - var callbackCalled = false; - var builder = new WebHostBuilder().Configure(app => { }); - - var mockHostingStartup = new MockAzureKeyVaultHostingStartup( - (collection, client, key) => { }, - (configurationBuilder, client, vault) => - { - callbackCalled = true; - } - ); - - mockHostingStartup.Configure(builder); - var _ = new TestServer(builder); - - Assert.False(callbackCalled); - } - - private class MockAzureKeyVaultHostingStartup : AzureKeyVaultHostingStartup - { - private readonly Action _dataProtectionCallback; - - private readonly Action _configurationCallback; - - public MockAzureKeyVaultHostingStartup( - Action dataProtectionCallback, - Action configurationCallback) - { - _dataProtectionCallback = dataProtectionCallback; 
- _configurationCallback = configurationCallback; - } - - internal override void AddDataProtection(IServiceCollection serviceCollection, KeyVaultClient client, string protectionKey) - { - _dataProtectionCallback(serviceCollection, client, protectionKey); - } - - internal override void AddConfiguration(IConfigurationBuilder configurationBuilder, KeyVaultClient client, string keyVault) - { - _configurationCallback(configurationBuilder, client, keyVault); - } - } - } -} diff --git a/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests.csproj b/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests.csproj index c7461d0784..424386bd43 100644 --- a/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests.csproj +++ b/test/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests/Microsoft.AspNetCore.AzureAppServicesIntegration.Tests.csproj @@ -7,7 +7,6 @@ -