Configuring ASP.NET Core Data Protection Provider
ASP.NET Core provides Data Protection, which allows you to protect your data using different encryption algorithms. The data protection system employs a discovery mechanism by default to determine where the cryptographic keys should persist. The developer can override the default discovery mechanism and manually specify the location.
Note
This feature is available in NCache Enterprise only.
NCache, here, works as a key storage provider to store the keys for data protection services. To configure NCache ASP.NET Core Data Protection Provider, follow the steps below.
Note
This feature is available in NCache 5.3.1 onwards.
Prerequisites for Configuring ASP.NET Core Data Protection Provider
- Install the following NuGet packages in your application based on your NCache edition:
- Enterprise: AspNetCore.DataProtection.NCache
- To utilize the extension, include the following namespaces in your application:
- The cache must be running.
- For API details, refer to:
PersistKeysToNCache. - To ensure the operation is fail-safe, it is recommended to handle any potential exceptions within your application, as explained in Handling Failures.
- To handle any unseen exceptions, refer to the Troubleshooting section.
Step 1: Configure Data Protection Service
ASP.NET Core provides its middleware for Data Protection. This has to be added to the service collection using the AddDataProtection method.
Open the Startup.cs file of your project.
In the
ConfigureServicesmethod, add the following service:
public void ConfigureServices(IServiceCollection services)
{
services.AddDataProtection();
}
Step 2: Install the NuGet Package
Install the NuGet package that allows to persist ASP.NET Core Data Protection keys in NCache. To install the NuGet package, open Visual Studio and go to Tools -> NuGet Package Manager -> Package Manager Console.
Step 3: Configure NCache as a Key Storage Provider for the Data Protection Service
Once the NuGet package has been installed, configure NCache as a key storage provider to store keys for data protection services.
public void ConfigureServices(IServiceCollection services)
{
string cacheName = "demoCache";
string cacheTag = "encryptions_keys_tag";
services.AddDataProtection().PersistKeysToNCache(cacheName, cacheTag);
}
To use logging with the NCache storage provider, enable logging in IServiceCollection.
public void ConfigureServices(IServiceCollection services)
{
string cacheName = "demoCache";
string cacheTag = "encryptions_keys_tag";
services.AddLogging(builder =>
builder.AddConsole()
);
services.AddDataProtection().PersistKeysToNCache(cacheName, cacheTag);
}
Step 4: Use NCache as a Key Storage Provider in ASP.NET Core
To use NCache as a key storage provider in ASP.NET Core Data Protection Provider, implement the sample application below:
string cacheName = "demoCache";
string cacheTag = "encryptions_keys_tag";
var serviceCollection = new ServiceCollection();
serviceCollection.AddLogging
(builder =>
builder.AddConsole()
);
serviceCollection.AddDataProtection()
.PersistKeysToNCache(cacheName,cacheTag);
var services = serviceCollection.BuildServiceProvider();
// Create an instance of CustomDataProtector using the service provider
var instance = ActivatorUtilities.CreateInstance<CustomDataProtector>(services);
instance.ProtectUnprotectData();
This CustomDataProtector class implements a method that is used for protecting and unprotecting the data.
public class CustomDataProtector
{
IDataProtector _protector;
// The 'provider' parameter is provided by DI
public CustomDataProtector(IDataProtectionProvider provider)
{
_protector = provider.CreateProtector("Contoso.MyClass.v1");
}
public void ProtectUnprotectData()
{
Console.Write("Enter input: ");
string input = Console.ReadLine();
// Protect the payload
string protectedPayload = _protector.Protect(input);
Console.WriteLine($"Protect returned: {protectedPayload}");
// Unprotect the payload
string unprotectedPayload = _protector.Unprotect(protectedPayload);
Console.WriteLine($"Unprotect returned: {unprotectedPayload}");
}
}
See Also
.NET: Alachisoft.NCache.AspNetCore.DataProtection namespace.
