文章/答案/技术大牛

发布

社区首页 >问答首页 >为开发和生产环境配置证书签名

问为开发和生产环境配置证书签名
EN

Code Review用户

提问于 2018-03-14 11:04:15

回答 1查看 1.1K关注 0票数 1

下面的代码可以工作，但有很多重复，我想知道我是否可以四处走动。

如果在开发环境中，我希望能够使用.AddDeveloperSigningCredential(false)，否则设置证书集合对象并使用.AddSigningCredential(certCollection[0])。

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<RSNROAuthContext>(options =>
            options.UseSqlServer(Configuration.GetConnectionString("RSNRAccountDB")));

        services.AddScoped(typeof(IUserProfileRepository), typeof(UserProfileRepository));

        services.AddIdentity<User, IdentityRole>(config =>
            {
                config.SignIn.RequireConfirmedEmail = true;
            })
            .AddEntityFrameworkStores<RSNROAuthContext>()
            .AddDefaultTokenProviders();

        // Add application services.
        services.AddTransient<IEmailSender, EmailSender>();
        services.AddTransient<IProfileService, ProfileService>();

        services.AddMvc();

        string connectionString = Configuration.GetConnectionString("RSNRAccountDB");

        X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        certStore.Open(OpenFlags.ReadOnly);

        if (Env.IsDevelopment())
        {
            // configure identity server with in-memory stores, keys, clients and scopes
            services.AddIdentityServer()

                .AddDeveloperSigningCredential(false)
                .AddAspNetIdentity<User>()
                // this adds the config data from DB (clients, resources)
                .AddConfigurationStore(options =>
                {
                    options.ConfigureDbContext = builder =>
                        builder.UseSqlServer(connectionString,
                            sql => sql.MigrationsAssembly("RSNR.OAuth.DAL"));
                })
                // this adds the operational data from DB (codes, tokens, consents)
                .AddOperationalStore(options =>
                {
                    options.ConfigureDbContext = builder =>
                        builder.UseSqlServer(connectionString,
                            sql => sql.MigrationsAssembly("RSNR.OAuth.DAL"));

                    // this enables automatic token cleanup. this is optional.
                    options.EnableTokenCleanup = true;
                    options.TokenCleanupInterval = 30;
                })
                .AddProfileService<ProfileService>();
            }
        else
        {
            X509Certificate2Collection certCollection = certStore.Certificates.Find(X509FindType.FindByThumbprint, Configuration["WEBSITE_LOAD_CERTIFICATES"], false);

            // configure identity server with in-memory stores, keys, clients and scopes
            services.AddIdentityServer()
                .AddSigningCredential(certCollection[0])

                .AddAspNetIdentity<User>()
                // this adds the config data from DB (clients, resources)
                .AddConfigurationStore(options =>
                {
                    options.ConfigureDbContext = builder =>
                        builder.UseSqlServer(connectionString,
                            sql => sql.MigrationsAssembly("RSNR.OAuth.DAL"));
                })
                // this adds the operational data from DB (codes, tokens, consents)
                .AddOperationalStore(options =>
                {
                    options.ConfigureDbContext = builder =>
                        builder.UseSqlServer(connectionString,
                            sql => sql.MigrationsAssembly("RSNR.OAuth.DAL"));

                    // this enables automatic token cleanup. this is optional.
                    options.EnableTokenCleanup = true;
                    options.TokenCleanupInterval = 30;
                })
                .AddProfileService<ProfileService>();

        }

            services.Configure<AuthMessageSenderOptions>(Configuration);
            services.Configure<ClientOptions>(Configuration);
    }

entity-framework-core

asp.net-mvc

asp.net-core

ssl

回答 1

Code Review用户

回答已采纳

发布于 2018-03-14 15:11:24

在if和else分支中有大量的重复代码可以被提取。假设services.XXX()方法使用的是fluent样式，并且每个调用都返回一个IServiceCollection，则如下所示

    IIdentityServerBuilder serverBuilder = services.AddIdentityServer();

    if (Env.IsDevelopment())
    {
        // configure identity server with in-memory stores, keys, clients and scopes
            serverBuilder.AddDeveloperSigningCredential(false);
    }
    else
    {
        X509Certificate2Collection certCollection = certStore.Certificates.Find(X509FindType.FindByThumbprint, Configuration["WEBSITE_LOAD_CERTIFICATES"], false);

        // configure identity server with in-memory stores, keys, clients and scopes
        serverBuilder.AddSigningCredential(certCollection[0]);
    }

    serverBuilder.AddAspNetIdentity<User>()
    // this adds the config data from DB (clients, resources)
    .AddConfigurationStore(options =>
    {
        options.ConfigureDbContext = builder =>
            builder.UseSqlServer(connectionString,
                sql => sql.MigrationsAssembly("RSNR.OAuth.DAL"));
    })
    // this adds the operational data from DB (codes, tokens, consents)
    .AddOperationalStore(options =>
    {
        options.ConfigureDbContext = builder =>
            builder.UseSqlServer(connectionString,
                sql => sql.MigrationsAssembly("RSNR.OAuth.DAL"));

        // this enables automatic token cleanup. this is optional.
        options.EnableTokenCleanup = true;
        options.TokenCleanupInterval = 30;
    })
    .AddProfileService<ProfileService>();

票数 2

页面原文内容由Code Review提供。腾讯云小微IT领域专用引擎提供翻译支持

原文链接：

https://codereview.stackexchange.com/questions/189562

复制

相似问题

问为开发和生产环境配置证书签名
EN

回答 1

Code Review用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问为开发和生产环境配置证书签名EN

回答 1

Code Review用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问为开发和生产环境配置证书签名
EN