Configure AbpStringEncryptionOptions using random values in the template.

Resolve #5743
6 years ago · 0b218b81b7
7 changed files with 102 additions and 1 deletions
--- a/framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/ProjectBuilding/Templates/App/AppTemplateBase.cs
+++ b/framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/ProjectBuilding/Templates/App/AppTemplateBase.cs
@ -25,6 +25,7 @@ namespace Volo.Abp.Cli.ProjectBuilding.Templates.App
            SwitchDatabaseProvider(context, steps);
            DeleteUnrelatedProjects(context, steps);
            RandomizeSslPorts(context, steps);
+            RandomizeStringEncryption(context, steps);
            UpdateNuGetConfig(context, steps);
            CleanupFolderHierarchy(context, steps);

@ -185,6 +186,11 @@ namespace Volo.Abp.Cli.ProjectBuilding.Templates.App
            );
        }

+        private static void RandomizeStringEncryption(ProjectBuildContext context, List<ProjectBuildPipelineStep> steps)
+        {
+            steps.Add(new RandomizeStringEncryptionStep());
+        }
+
        private static void UpdateNuGetConfig(ProjectBuildContext context, List<ProjectBuildPipelineStep> steps)
        {
            steps.Add(new UpdateNuGetConfigStep("/aspnet-core/NuGet.Config"));
--- a/framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/ProjectBuilding/Templates/RandomizeStringEncryptionStep.cs
+++ b/framework/src/Volo.Abp.Cli.Core/Volo/Abp/Cli/ProjectBuilding/Templates/RandomizeStringEncryptionStep.cs
@ -0,0 +1,47 @@
+using System;
+using System.Linq;
+using System.Text;
+using Volo.Abp.Cli.ProjectBuilding.Building;
+
+namespace Volo.Abp.Cli.ProjectBuilding.Templates
+{
+    public class RandomizeStringEncryptionStep: ProjectBuildPipelineStep
+    {
+        public override void Execute(ProjectBuildContext context)
+        {
+            var appSettings = context.Files
+                .Where(x => !x.IsDirectory && x.Name.EndsWith("appSettings.json", StringComparison.InvariantCultureIgnoreCase))
+                .Where(x => x.Content.IndexOf("StringEncryption", StringComparison.InvariantCultureIgnoreCase) >= 0)
+                .ToList();
+
+            const string defaultPassPhrase = "gsKnGZ041HLL4IM8";
+            var randomPassPhrase = GetRandomString(defaultPassPhrase.Length);
+            foreach (var appSetting in appSettings)
+            {
+                appSetting.NormalizeLineEndings();
+
+                var appSettingLines = appSetting.GetLines();
+                for (var i = 0; i < appSettingLines.Length; i++)
+                {
+                    if (appSettingLines[i].Contains(defaultPassPhrase) && appSettingLines[i].Contains(defaultPassPhrase))
+                    {
+                        appSettingLines[i] = appSettingLines[i].Replace(defaultPassPhrase, randomPassPhrase);
+                    }
+                }
+
+                appSetting.SetLines(appSettingLines);
+            }
+        }
+
+        private static string GetRandomString(int length)
+        {
+            const string letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+            var builder = new StringBuilder();
+            for (var i = 0; i < length; i++)
+            {
+                builder.Append(letters[RandomHelper.GetRandom(0, letters.Length)]);
+            }
+            return builder.ToString();
+        }
+    }
+}
--- a/framework/src/Volo.Abp.Security/Volo/Abp/Security/AbpSecurityModule.cs
+++ b/framework/src/Volo.Abp.Security/Volo/Abp/Security/AbpSecurityModule.cs
@ -1,9 +1,45 @@
-using Volo.Abp.Modularity;
+using System;
+using System.Text;
+using Microsoft.Extensions.DependencyInjection;
+using Volo.Abp.Modularity;
+using Volo.Abp.Security.Encryption;

 namespace Volo.Abp.Security
 {
    public class AbpSecurityModule : AbpModule
    {
+        public override void ConfigureServices(ServiceConfigurationContext context)
+        {
+            var configuration = context.Services.GetConfiguration();
+            context.Services.Configure<AbpStringEncryptionOptions>(options =>
+            {
+                var keySize = configuration["StringEncryption:KeySize"];
+                if (!keySize.IsNullOrWhiteSpace())
+                {
+                    if (int.TryParse(keySize, out var intValue))
+                    {
+                        options.Keysize = intValue;
+                    }
+                }

+                var defaultPassPhrase = configuration["StringEncryption:DefaultPassPhrase"];
+                if (!defaultPassPhrase.IsNullOrWhiteSpace())
+                {
+                    options.DefaultPassPhrase = defaultPassPhrase;
+                }
+
+                var initVectorBytes = configuration["StringEncryption:InitVectorBytes"];
+                if (!initVectorBytes.IsNullOrWhiteSpace())
+                {
+                    options.InitVectorBytes = Encoding.ASCII.GetBytes(initVectorBytes);;
+                }
+
+                var defaultSalt = configuration["StringEncryption:DefaultSalt"];
+                if (!defaultSalt.IsNullOrWhiteSpace())
+                {
+                    options.DefaultSalt = Encoding.ASCII.GetBytes(defaultSalt);;
+                }
+            });
+        }
    }
 }
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.Host/appsettings.json
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.Host/appsettings.json
@ -12,6 +12,9 @@
    "Authority": "https://localhost:44301",
    "RequireHttpsMetadata": "true"
  },
+  "StringEncryption": {
+    "DefaultPassPhrase": "gsKnGZ041HLL4IM8"
+  },
  "Settings": {
    "Abp.Mailing.Smtp.Host": "127.0.0.1",
    "Abp.Mailing.Smtp.Port": "25",
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.HostWithIds/appsettings.json
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.HostWithIds/appsettings.json
@ -10,6 +10,9 @@
    "Authority": "https://localhost:44305",
    "RequireHttpsMetadata": "false"
  },
+  "StringEncryption": {
+    "DefaultPassPhrase": "gsKnGZ041HLL4IM8"
+  },
  "Settings": {
    "Abp.Mailing.Smtp.Host": "127.0.0.1",
    "Abp.Mailing.Smtp.Port": "25",
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.IdentityServer/appsettings.json
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.IdentityServer/appsettings.json
@ -9,6 +9,9 @@
  "Redis": {
    "Configuration": "127.0.0.1"
  },
+  "StringEncryption": {
+    "DefaultPassPhrase": "gsKnGZ041HLL4IM8"
+  },
  "Settings": {
    "Abp.Mailing.Smtp.Host": "127.0.0.1",
    "Abp.Mailing.Smtp.Port": "25",
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Web/appsettings.json
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Web/appsettings.json
@ -16,6 +16,9 @@
      }
    }
  },
+  "StringEncryption": {
+    "DefaultPassPhrase": "gsKnGZ041HLL4IM8"
+  },
  "Settings": {
    "Abp.Mailing.Smtp.Host": "127.0.0.1",
    "Abp.Mailing.Smtp.Port": "25",