-
Notifications
You must be signed in to change notification settings - Fork 642
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use protected configuration provider instead of reflection
- Loading branch information
1 parent
e58f23c
commit a9409f3
Showing
4 changed files
with
30 additions
and
24 deletions.
There are no files selected for viewing
42 changes: 21 additions & 21 deletions
42
...etGallery/App_Start/SessionPersistence.cs → ...GalleryMachineKeyConfigurationProvider.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,45 +1,45 @@ | ||
// Copyright (c) .NET Foundation. All rights reserved. | ||
// Copyright (c) .NET Foundation. All rights reserved. | ||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. | ||
|
||
using System; | ||
using System.Configuration; | ||
using System.Reflection; | ||
using System.Web.Configuration; | ||
using System.Web.Mvc; | ||
using System.Xml; | ||
using NuGetGallery.Configuration; | ||
|
||
namespace NuGetGallery | ||
{ | ||
public static class SessionPersistence | ||
public class GalleryMachineKeyConfigurationProvider : ProtectedConfigurationProvider | ||
{ | ||
public static void Setup(IGalleryConfigurationService config) | ||
public override XmlNode Decrypt(XmlNode encryptedNode) | ||
{ | ||
var xmlDoc = new XmlDocument(); | ||
xmlDoc.LoadXml("<machineKey />"); | ||
|
||
// The machine keys are used for encrypting/decrypting cookies used by ASP.NET, these are usually set by IIS in 'Auto' mode. | ||
// During a deployment to Azure cloud service the same machine key values are set on all the instances of a given cloud service, | ||
// thereby providing session persistence across different instances in the same deployment slot. However, across different slots(staging vs production) | ||
// these session keys are different. Thereby causing the loss of session upon a slot swap. Manually setting these values on role start ensures same | ||
// keys are used by all the instances across all the slots of a Azure cloud service. See more analysis here: https://github.com/NuGet/Engineering/issues/1329 | ||
var config = DependencyResolver.Current.GetService<IGalleryConfigurationService>(); | ||
if (config.Current.EnableMachineKeyConfiguration | ||
&& !string.IsNullOrWhiteSpace(config.Current.MachineKeyDecryption) | ||
&& !string.IsNullOrWhiteSpace(config.Current.MachineKeyDecryptionKey) | ||
&& !string.IsNullOrWhiteSpace(config.Current.MachineKeyValidationAlgorithm) | ||
&& !string.IsNullOrWhiteSpace(config.Current.MachineKeyValidationKey)) | ||
{ | ||
var mksType = typeof(MachineKeySection); | ||
var mksSection = ConfigurationManager.GetSection("system.web/machineKey") as MachineKeySection; | ||
var resetMethod = mksType.GetMethod("Reset", BindingFlags.NonPublic | BindingFlags.Instance); | ||
|
||
var machineKeyConfig = new MachineKeySection(); | ||
machineKeyConfig.ApplicationName = mksSection.ApplicationName; | ||
machineKeyConfig.CompatibilityMode = mksSection.CompatibilityMode; | ||
machineKeyConfig.DataProtectorType = mksSection.DataProtectorType; | ||
machineKeyConfig.Validation = mksSection.Validation; | ||
xmlDoc.DocumentElement.SetAttribute("decryptionKey", config.Current.MachineKeyDecryptionKey); | ||
xmlDoc.DocumentElement.SetAttribute("decryption", config.Current.MachineKeyDecryption); | ||
xmlDoc.DocumentElement.SetAttribute("validationKey", config.Current.MachineKeyValidationKey); | ||
xmlDoc.DocumentElement.SetAttribute("validation", config.Current.MachineKeyValidationAlgorithm); | ||
} | ||
|
||
machineKeyConfig.DecryptionKey = config.Current.MachineKeyDecryptionKey; | ||
machineKeyConfig.Decryption = config.Current.MachineKeyDecryption; | ||
machineKeyConfig.ValidationKey = config.Current.MachineKeyValidationKey; | ||
machineKeyConfig.ValidationAlgorithm = config.Current.MachineKeyValidationAlgorithm; | ||
return xmlDoc.DocumentElement; | ||
} | ||
|
||
resetMethod.Invoke(mksSection, new object[] { machineKeyConfig }); | ||
} | ||
public override XmlNode Encrypt(XmlNode node) | ||
{ | ||
throw new NotImplementedException(); | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters