Post
Ask Question

Installing And Using Secret Manager On ASP.NET Core

In your ASP.NET Core application you can load settings from a file named secrets.json that can store API ids and secrets. The whole point of using this secret storage is to avoid having your ClientId and ClientSecret exposed on source control. In production you can have it stored on environment settings.

In your ASP.NET Core application you can load settings from a file named secrets.json that can store API ids and secrets. The default generated template includes,

  1. if (env.IsDevelopment())  
  2. {  
  3.     builder.AddUserSecrets();  
  4. }

That is going to add that file only on a development environment. So the whole point of using this secret storage is to avoid having your ClientId and ClientSecret exposed on source control. In production you can have it stored on environment settings, the generated template includes,

  1. builder.AddEnvironmentVariables();

Which is going to add the environment variables on your application configuration.

In order to do that first test your environment by typing dnx in the command prompt. If it doesn’t find dnx then run the following,

  1. cd %userprofile%\.dnx\runtimes\dnx-coreclr-win-x64.1.0.0-rc1-update1\bin  
  2. dnvm upgrade  

This is going to update the path and other things, after that you can run this other command to install the SecretManager,

  1. dnu commands install Microsoft.Extensions.SecretManager  

To finally store the application secrets you can run,

  1. user-secret set Authentication:Google:ClientId <yourId>  
  2. user-secret set Authentication:Google:ClientSecret <yourSecret>  

In the %APPDATA%\microsoft\UserSecrets folder there is going to be a folder for your project and then a secrets.json inside.

secrets

Then finally using it on your application, install Google Authentication,

  1. Install-Package Microsoft.AspNet.Authentication.Google -Pre  

Note the -Pre option, as of the date of this post this package will not be found if you do not include this option.

  1. app.UseGoogleAuthentication(options=>   
  2. {  
  3.     options.ClientId = Configuration["Authentication:Google:ClientId"];  
  4.     options.ClientSecret = Configuration["Authentication:Google:ClientSecret"];  
  5. });