MachineKey setup through application settings

Question

MachineKey setup through application settings

We have a .NET 4.5.x oss application that we deploy to azure sites using git deploy. We have a build server that transfers artifacts to the git repository, and then we use it to deploy git. We use the application settings in azure mode to control everything. However, I encounter roadblocks that are looking for a way to set the car key using the application settings / environment variables. Does anyone else encounter this problem and solve it?

PS, It seems that the only thing machineKey uses in our application is SignalR ... I wonder if there is a safe and secure way to replace IProtectData without using a machine key to generate tokens.

+4

c # signalr

Blake niemyjski Jul 13 '15 at 23:21

source share

1 answer

Chadwick · Answer 1 · 2017-03-13T13:31:33+0000

Like you, I wanted to be able to install machine keys, but not pass them to web.config, which goes to the original control and becomes a security risk, and can use the same configuration system for each environment that we use with AppSettings . I found a solution for this, although it is a bit ugly as it uses reflection to manage the configuration MachineKeySection.

var getter = typeof(MachineKeySection).GetMethod("GetApplicationConfig", BindingFlags.Static | BindingFlags.NonPublic);
var config = (MachineKeySection)getter.Invoke(null, Array.Empty<object>());

var readOnlyField = typeof(ConfigurationElement).GetField("_bReadOnly", BindingFlags.Instance | BindingFlags.NonPublic);
readOnlyField.SetValue(config, false);

config.DecryptionKey = myKeys.EncryptionKey;
config.ValidationKey = myKeys.ValidationKey;

readOnlyField.SetValue(config, true);

, , , , . - , .

: https://gist.github.com/cmcnab/d2bbed02eb429098ed3656a0729ee40a

MachineKey setup through application settings

More articles: