Alternative authorisation using code or dotnet app settings.
See original GitHub issueHi,
I would like to know if there is any alternative method for authentication rather than using separate deployed file and environment variables.
The current defacto for dotnet standard for setting is to use the appsettings.json. Is there an opportunity to use appsettings.json ConfigurationSection
to define google authentication?
Ideally to do something like.
SessionsClient.Create(new GoogleCredential(_configurationSection["dialogflow-test"]))
Or
SessionsClient.Create(new GoogleCredential(_type,_client,_pkey)
Sorry there might be something like this already but I can’t seem to find the documentation for it.
Thanks Rolf
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:32 (5 by maintainers)
Top Results From Across the Web
Alternative authorisation using code or dotnet app settings.
Hi,. I would like to know if there is any alternative method for authentication rather than using separate deployed file and environment ...
Read more >Create an ASP.NET Core app with user data protected by ...
Learn how to create an ASP.NET Core web app with user data protected by authorization. Includes HTTPS, authentication, security, ASP.
Read more >Configure Windows Authentication in ASP.NET Core
Create a new Razor Pages or MVC app. In the Additional information dialog, set the Authentication type to Windows. Run the app. The...
Read more >A web API that calls web APIs: Code configuration
Learn how to build a web API that calls web APIs (app's code configuration)
Read more >Configure certificate authentication in ASP.NET Core
Learn how to configure certificate authentication in ASP.NET Core for IIS and HTTP.sys.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@amanda-tarafa
I thin there are a couple options:
GoogleCredential.FromSecretsSection(Configuration.GetSection(“GoogleCredentials”)); Where GooglCredentials is the key in the UserSecret.json and the json data provided when getting credentials can be its sub key/values with the assumption that GoogleCredential is able to extract those values as they already follow the format it would use.
Alternatively: GoogleCredential.FromValues(type, projectId, privateKeyId, privateKey, clientEmail, clientId, authUrl, tokenUrl, authProviderCertUrl, clientCertUrl); Where these parameters align with the parameters in the json provided by Google.
The link I shared does indeed talk about api keys and I absolutely consider those a form of credentials. The same security precautions apply to service account credentials, oauth credentials, etc. I do not believe we should be adding to the number of files we need to import (already doing usersecrets.json which is the .NET solution for this type of thing). I would recommend using the .NET native approach of using the userscrets.json instead of creating your own file. When not using a file (usersecrets.json) and using a secrets manager, we still need a mechanism similar to the second approach I mentioned above where I can pass values directly.
var initializer = new ServiceAccountCredential.Initializer { Id = ..., Scopes = ..., User = ..., Key = ..., // This is an RSA, which may not be terribly simple to construct ... }; var saCredential = new ServiceAccountCredential(initializer); var credential = GoogleCredential.FromServiceAccountCredential(saCredential);
I tried this but the Initializer required a 2 parameter constructor which is fine, that doesn’t bother me. What does bother me is that Key field. Under the hood, you’re clearly able to do this work if I were to pass a JSON file, but instead I have to implement it if I don’t do it “your way” and I don’t mean your as in you specifically but the way in which the lib dictates. When I look at the service acount json file provided to me by Google, I don’t see id, user, key, etc. I see those parameters I mentioned in the 2nd option. It is unclear what aligns with what even with the intellisense descriptions.
@huberzeljko: I included the content of the service key as the Azure Key Value.
I no longer use it, but the code I did use is here: https://github.com/nodatime/nodatime.org/blob/cc7a29f31dec100e05e156367d6810fd6ca8b7e0/src/NodaTime.Web/Providers/GoogleCredentialProvider.cs