5 ASP.NET / MVC 6加密配置 [英] ASP.NET 5 / MVC 6 Encrypted Configuration

问题描述

使用web.config中消失，什么是存储在Web应用程序的配置敏感资讯（如密码，令牌）的preferred方式使用内置MVC 6？

With web.config going away, what is the preferred way to store sensitive info (passwords, tokens) in the configurations of a web app built using MVC 6?

有没有办法在appsetttings.json自动获得加密的配置节？

Is there a way to automatically get encrypted configuration sections in appsetttings.json?

推荐答案

用户机密看起来像存储密码的很好的解决方案，并且通常，应用程序的秘密，至少的在开发过程中的

User secrets looks like a good solution for storing passwords, and, generally, application secrets, at least during development.

勾选此文章或的这个。您还可以检查<一href=\"https://stackoverflow.com/questions/31426358/where-should-i-store-the-connection-string-for-the-production-environment-of-my\">this其他SO问题。

Check this article or this. You can also check this other SO question.

这仅仅是一个隐藏你在开发过程中的秘密，避免他们dislosing到源代码树的方式;秘密管理器工具不加密存储的秘密，不应该被视为一个值得信赖的商店。

This is just a way to "hide" you secrets during development process and to avoid dislosing them into the source tree; the Secret Manager tool does not encrypt the stored secrets and should not be treated as a trusted store.

如果你想要把加密appsettings.json到生产，有没有这方面的限​​制。你可以建立自己的自定义配置提供。
检查这个。

If you want to bring an encrypted appsettings.json to production, there is no limit about that. You can build your custom configuration provider. Check this.

例如：

    public class CustomConfigProvider : ConfigurationProvider
    {
        public CustomConfigProvider()
        {

        }

        public override void Load()
        {
            Data = UnencryptMyConfiguration();
        }

        private IDictionary<string, string> UnencryptMyConfiguration()
        {
            // do whatever you need to do here, for example load the file and unencrypt key by key
        }

        private IDictionary<string, string> CreateAndSaveDefaultValues(IDictionary<string, string> defaultDictionary)
        {
            var configValues = new Dictionary<string, string>
            {
                {"key1", "encryptedValue1"},
                {"key2", "encryptedValue2"}
            };
            return configValues;                
        }
    }

定义静态类的扩展方法：

Define a static class for your extension method:

public static class CustomConfigProviderExtensions
{              
        public static IConfigurationBuilder AddEncryptedProvider(this IConfigurationBuilder builder)
        {
            return builder.Add(new CustomConfigProvider());
        }
}

然后你就可以激活它：

And then you can activate it:

 // Set up configuration sources.
        var builder = new ConfigurationBuilder()
            .AddJsonFile("appsettings.json")
            .AddEncryptedProvider()
            .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);

这篇关于5 ASP.NET / MVC 6加密配置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！