0

I am implementing an auth provider for .net core web api. The "auth" stuff is in a separate project, and has a delegate to the main project. This delegate is used for retrieving the "secret" from a public access id.

public delegate string RetrievePrivateKey(string publicKey);

This is set in the Startup.cs file like so: options.GetPrivateKey += Utilities.APIAccess.GetPrivateKeyFromPublic;

My issue, is that the method NEEDS the database context in order to do the lookup. What would the best way to accomplish this be? The DbContext is a mysql context, with the connection string set via the appsettings.json. For the most part, everything is DI.

For reference, the "GetPrivateKeyFromPublic" method looks like this:

//This does not work, as it isn't grabbing the options/etc.  Was just trying various things I read.
public static string GetPrivateKeyFromPublic(string publicKey)
        {
            DbContextOptions<DirectionsContext> options = new DbContextOptions<DirectionsContext>();
            DirectionsContext ctx = new DirectionsContext(options);
            DeviceService service = new DeviceService(ctx);
            if (publicKey == "<default public>")//testing
                return "<default private>";//testing
            return service.GetPrivateKeyFromPublicKey(publicKey);
        }

Startup.cs

public void ConfigureServices(IServiceCollection services)
        {
            services.AddRazorPages();
            services.AddControllers();
            services.AddDbContext<DirectionsContext>(options => options.UseMySql(Configuration.GetConnectionString("Development")));
            services.AddMemoryCache();
            services.AddSingleton<HmacHandler>();
            services.AddSingleton<HmacOptions>();
            services.AddAuthentication(App.Security.HmacDefaults.AuthenticationScheme).AddHmac(options =>
            {
                options.AuthName = "HMAC-SHA256";
                options.CipherStrength = HmacCipherStrength.Hmac256;
                options.EnableNonce = true;
                options.EnableDeviceOS = true;
                options.RequestTimeLimit = 5;
                options.GetPrivateKey += Utilities.APIAccess.GetPrivateKeyFromPublic;
                options.GetDeviceOS += Utilities.DeviceIdentify.GetDeviceOSFromUserAgent;//Utilities.DeviceUtility.GetDeviceOSFromUserAgent;
            });
raithedavion
  • 127
  • 1
  • 12
  • Can you add the relevant portion of the `Startup.cs` file? – Aluan Haddad Jan 23 '21 at 00:00
  • 1
    Edited to include that. – raithedavion Jan 23 '21 at 00:03
  • I mean, I can always go the route this guy did in this post: https://stackoverflow.com/questions/41411384/how-to-inject-dbcontext-instance-in-the-configureservices-method-of-startup-cs-c It just seems messy (send context to auth project, add a parameter to the GetPrivateKeyFromPublic for the context, etc... – raithedavion Jan 23 '21 at 00:15
  • The problem is not having access to the `IServiceProvider` in during configuration. – Aluan Haddad Jan 23 '21 at 00:16

1 Answers1

0

As I said in my comment, I basically did the following:

I setup a generic DbContext object inside of the HmacOptions. This then gets passed in through the ConfigureServices() method in Startup.cs.

services.AddAuthentication(Directions.App.Security.HmacDefaults.AuthenticationScheme).AddHmac(options =>
            {
                options.AuthName = "HMAC-SHA256";
                options.CipherStrength = HmacCipherStrength.Hmac256;
                options.EnableNonce = true;
                options.EnableDeviceOS = true;
                options.RequestTimeLimit = 5;
                options._Context = context;
                options.GetPrivateKey += Utilities.APIAccess.GetPrivateKeyFromPublic;
                options.GetDeviceOS += Utilities.DeviceIdentify.GetDeviceOSFromUserAgent;
            });

The generic db context is then used inside of the auth library.

raithedavion
  • 127
  • 1
  • 12