ASP.NET Core Web Api配置Azure Key Vault
1. 项目创建
1.1 安装
下载.NETCORE SDK 进行安装
下载NETCORE RUNTIME进行安装.
下载Runtime & Hosting Bundle进行安装
下载地址:https://dotnet.microsoft.com/download/dotnet-core
微软的安装在windows方面很简单,基本就是一键安装.
1.2 开发工具
VisualStudio 2019
1.3建立项目工程
点击文件创建项目,出现如下图示
选择画红圈部分,接着出现如下图示
2. Azure Key Vault
2.1 将应用程序与 Azure Active Directory 集成
2.1.1登录Azure protal , 选择Azure Active Directory 网址:https://portal.azure.cn
2.1.2 选择应用注册
2.1.3 点击添加新注册,输入名称点确定,即会自动生成客户端ID
2.2 创建key vault
2.3 创建机密
3. 代码配置 Key Vault
3.1 安装nuget依赖包
net core 3.1使用下面的包
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.Configuration.AzureKeyVault" Version="3.1.0" />
</ItemGroup>
3.2 代码配置
Program.cs public class Program { public static void Main(string[] args) { BuildWebHost(args).Run(); } public static IWebHost BuildWebHost(string[] args) => WebHost.CreateDefaultBuilder(args) .ConfigureAppConfiguration((ctx, builder) => { var keyVaultEndpoint = GetKeyVaultEndpoint(); if (!string.IsNullOrEmpty(keyVaultEndpoint)) { var azureServiceTokenProvider = new AzureServiceTokenProvider(); var keyVaultClient = new KeyVaultClient( new KeyVaultClient.AuthenticationCallback( azureServiceTokenProvider.KeyVaultTokenCallback)); builder.AddAzureKeyVault( keyVaultEndpoint, keyVaultClient, new DefaultKeyVaultSecretManager()); } } ).UseStartup<Startup>() .Build(); private static string GetKeyVaultEndpoint() => "https://abb-key-vault.vault.azure.cn/"; }
3.3 使用key vault
public class AboutModel : PageModel { public string Message { get; set; } public AboutModel(IConfiguration configuration) { _configuration = configuration; } private readonly IConfiguration _configuration = null; public void OnGet() { Message = "My key val = " + _configuration["AppSecret"]; } }
其中 “AppSecret”即是key vault中设置的键,通过_configuration["AppSecret"]可以获取到值。
