From 3f6d84a4d590b06b425893edf9d236c8444c5d94 Mon Sep 17 00:00:00 2001
From: maliming
Date: Thu, 9 Jan 2025 18:35:39 +0800
Subject: [PATCH] Set `X509KeyStorageFlags` for `IIS` environment. Resolve #19150
---
 .../DependencyInjection/NativeMethods.cs | 22 +++++++++++++++++++
 .../OpenIddictServerBuilderExtensions.cs | 6 +++++
 .../Volo.Abp.OpenIddict.AspNetCore.csproj | 1 +
 3 files changed, 29 insertions(+)
 create mode 100644 modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/NativeMethods.cs
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/NativeMethods.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/NativeMethods.cs
new file mode 100644
index 00000000000..88f7de99997
--- /dev/null
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/NativeMethods.cs
@@ -0,0 +1,22 @@
+using System;
+using System.Runtime.InteropServices;
+
+namespace Microsoft.Extensions.DependencyInjection;
+
+///
+/// https://github.com/dotnet/aspnetcore/blob/release/9.0/src/Servers/IIS/IIS/src/NativeMethods.cs
+///
+static internal partial class NativeMethods
+{
+ private const string KERNEL32 = "kernel32.dll";
+
+ private const string AspNetCoreModuleDll = "aspnetcorev2_inprocess.dll";
+
+ [LibraryImport(KERNEL32, EntryPoint = "GetModuleHandleW")]
+ private static partial IntPtr GetModuleHandle([MarshalAs(UnmanagedType.LPWStr)] string lpModuleName);
+
+ public static bool IsAspNetCoreModuleLoaded()
+ {
+ return GetModuleHandle(AspNetCoreModuleDll) != IntPtr.Zero;
+ }
+}
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/OpenIddictServerBuilderExtensions.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/OpenIddictServerBuilderExtensions.cs
index 046bde64eb9..7d7670b5c41 100644
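Review bot: `IsAspNetCoreModuleLoaded()` in NativeMethods.cs is only meaningful on Windows, but nothing in the file states or enforces that, and the `GetModuleHandle` import does not restrict where `kernel32.dll` is resolved from. I would put `[SupportedOSPlatform("windows")]` on the method so the platform analyzer flags any caller that is not behind an `OperatingSystem.IsWindows()` check, and add `[DefaultDllImportSearchPaths(DllImportSearchPath.System32)]` to the import. The probe looks only for `aspnetcorev2_inprocess.dll`, so an app hosted out-of-process behind IIS is presumably not detected; the `///` comment, which currently holds only the upstream URL, should state that limit. The conventional modifier order is `internal static partial class NativeMethods`.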
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/OpenIddictServerBuilderExtensions.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/OpenIddictServerBuilderExtensions.cs
@@ -1,3 +1,4 @@
+using System;
 using System.IO;
 using System.Security.Cryptography.X509Certificates;
@@ -12,6 +13,11 @@ public static OpenIddictServerBuilder AddProductionEncryptionAndSigningCertifica
 throw new FileNotFoundException($"Signing Certificate couldn't found: {fileName}");
 }
+ if (flag == null && OperatingSystem.IsWindows() && NativeMethods.IsAspNetCoreModuleLoaded())
+ {
+ flag = X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet;
+ }
+
 var certificate = flag != null ? X509CertificateLoader.LoadPkcs12FromFile(fileName, passPhrase, flag.Value) : X509CertificateLoader.LoadPkcs12FromFile(fileName, passPhrase);
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo.Abp.OpenIddict.AspNetCore.csproj b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo.Abp.OpenIddict.AspNetCore.csproj
index b249bd50299..a5208574f5d 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo.Abp.OpenIddict.AspNetCore.csproj
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo.Abp.OpenIddict.AspNetCore.csproj
@@ -7,6 +7,7 @@ net9.0 Library true + true
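Review bot: The added `if` block in the second hunk of OpenIddictServerBuilderExtensions.cs silently replaces a null `flag` with `MachineKeySet | EphemeralKeySet` and carries no comment explaining why, so a later reader cannot tell that this is a key-storage decision rather than a cosmetic default. I would add above it `// In-process IIS: the app pool identity usually has no loaded user profile, so the default user key store is unavailable; load the private key in memory only.` With `EphemeralKeySet` the private key is not meant to be written to a key container, so `MachineKeySet` looks redundant next to it and is worth confirming before this becomes the shipped default. Callers that passed null and relied on the previous default storage behaviour now get a different one under IIS, which belongs in the method's XML doc. The method starts before and continues after this hunk.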