Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow the location of the X509Certificate to be configured #95

Open
2 tasks
Alxandr opened this issue Apr 29, 2024 · 3 comments
Open
2 tasks

Allow the location of the X509Certificate to be configured #95

Alxandr opened this issue Apr 29, 2024 · 3 comments
Labels
kind/feature-request New feature or request

Comments

@Alxandr
Copy link

Alxandr commented Apr 29, 2024

Description

In SigningCredentialsResolver, the path to the signing certificate is hard-coded to be Directory.GetParent(Directory.GetCurrentDirectory()).FullName + some configured value. This has some weird issues where by default, when running locally, I end up having to place the certificate in C:\Users\ALEHEI\hub\resource-registry-2\srcaccesstoken. Note the ending srcaccesstoken - this is because the path is joined by string concatenation and not using any of the Path methods.

Beyond that, the fact that I cannot specify the path as a global path is also a problem. This means I can't just have 1 of the certificates on my machine, I have to copy it to every repo (and fix/update gitignore).

So there's 2 things I'd like changed here:

  • fix path handling so that I don't end up with weird paths like this
  • allow configuring the location as a global path

Additional Information

No response
@Alxandr Alxandr added the kind/feature-request New feature or request label Apr 29, 2024
@SandGrainOne
Copy link
Member

SandGrainOne commented Jun 4, 2024
edited
Loading

The hard coded value can be overridden by adding a configuration section to appsettings.json or any other configuration source. This should work:

{
    "AccessTokenSettings": {
        "AccessTokenSigningKeysFolder": "/accesstoken/",
        "AccessTokenSigningCertificateFileName": "mycert.pfx"
    }
}

Keeping the issue to consider changing from string concatenation to Path.Combine, and the option to configure base path as well. This would need to be backwards compatible where default behaviour is to use parent of current directory.

@Alxandr
Copy link
Author

Alxandr commented Jun 4, 2024

Except you can't configure it to be outside of your project directory. So I can't have 1 certificate on my machine and just setup an environment variable that all projects will use, because they all hardcode the path to start with the current working directory.

@SandGrainOne
Copy link
Member

SandGrainOne commented Jun 4, 2024
edited
Loading

Except you can't configure it to be outside of your project directory. So I can't have 1 certificate on my machine and just setup an environment variable that all projects will use, because they all hardcode the path to start with the current working directory.

I acknowledged that brifely in my comment. Updated to make it more obvious.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature-request New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Alxandr @SandGrainOne