.NET core DataProtection Keys are not renewing automatically - azure

Last summer I switched to using blob storage and KeyVault to store and encrypt my data protection keys for my simple .NET Core web app. I did this so users would not have to log back in after I swapped my deployment environment from staging to production.
I used the following page as a guide. https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-5.0
Here is my startup config.
services.AddDataProtection()
.PersistKeysToAzureBlobStorage(new Uri($"{dpSettings.BlobUrl}{dpSettings.SasToken}"))
.ProtectKeysWithAzureKeyVault(new Uri(dpSettings.KeyVaultUrl), new DefaultAzureCredential());
References Used
<PackageReference Include="Azure.Extensions.AspNetCore.DataProtection.Keys" Version="1.0.2" />
<PackageReference Include="Azure.Identity" Version="1.3.0" />
<PackageReference Include="BuildBundlerMinifier" Version="3.2.449" />
<PackageReference Include="EPPlus" Version="4.5.3.2" />
<PackageReference Include="HtmlSanitizer" Version="5.0.376" />
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.17.0" />
<PackageReference Include="Microsoft.ApplicationInsights.PerfCounterCollector" Version="2.17.0" />
<PackageReference Include="Microsoft.AspNetCore.DataProtection.AzureStorage" Version="3.1.13" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="5.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="5.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="5.0.4">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="5.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="5.0.4">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="5.0.0" />
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="5.0.2" PrivateAssets="All" />
<PackageReference Include="Postmark" Version="4.5.0" />
<PackageReference Include="Stripe.net" Version="35.17.0" />
<PackageReference Include="TimeZoneConverter" Version="3.4.0" />
It works great but... after 90 days, the site stops working and the following error is reported.
Message: An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information.
Stacktrace:
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Serialize(AntiforgeryToken token)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.Serialize(IAntiforgeryFeature antiforgeryFeature)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetAndStoreTokens(HttpContext httpContext)
at...
After some troubleshooting I found that the keys.xml file in the blob storage had an expiration date of today. My understanding is that a new key should be created as the expiration date approaches. To fix, I just delete the keys.xml file, and then the app creates a new one. I suppose I could automate this, but I'm pretty sure I shouldn't have to. Any help is appreciated.

Related

FunctionApp V4 SeviceBusTrigger not fired

I'm running FunctionApp v4(Azure) and ServiceBusTrigger binding and blob binding, but its not fired, messages are not read from subscription. The app is running ok.
Im running functionapps v3 without any problems, the code is copied and packagereferences is updated. When I run locally, everything works fine.
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net6.0</TargetFramework>
<AzureFunctionsVersion>v4</AzureFunctionsVersion>
<_FunctionsSkipCleanOutput>true</_FunctionsSkipCleanOutput>
<!-- if this is not set, Microsoft optimizes away necessary assemblies for dependency injection and authentication-->
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Azure.WebJobs.Extensions.ServiceBus" Version="5.8.0" />
<PackageReference Include="Microsoft.Azure.WebJobs.Extensions.Storage" Version="5.0.1" />
<PackageReference Include="Microsoft.NET.Sdk.Functions" Version="4.1.3" />
<PackageReference Include="Microsoft.Azure.Functions.Extensions" Version="1.1.0" />
<PackageReference Include="Microsoft.Extensions.Http" Version="6.0.0" />

What are all the nuget Packages are required for Azure App Insight

I am building a .Net Core 3.1 WebAPI and I would be deploying it on the Azure Web Service. I want to enable the App Insight
At present, I have the following nuget packages
<ItemGroup>
<PackageReference Include="Microsoft.ApplicationInsights" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.Agent.Intercept" Version="2.4.0" />
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.DependencyCollector" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.PerfCounterCollector" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.TraceListener" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.Web" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.WindowsServer" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.WindowsServer.TelemetryChannel" Version="2.20.0" />
<PackageReference Include="Microsoft.AspNet.TelemetryCorrelation" Version="1.0.8" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="5.0.5" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="5.0.5" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="6.0.0" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="6.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.ApplicationInsights" Version="2.20.0" />
<PackageReference Include="Microsoft.Identity.Web" Version="1.1.0" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="5.6.3" />
</ItemGroup>
However, I think, I just need the following packages
<ItemGroup>
<PackageReference Include="Microsoft.ApplicationInsights" Version="2.20.0" />
<PackageReference Include="Microsoft.Identity.Web" Version="1.1.0" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="5.6.3" />
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.20.0" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="6.0.0" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="6.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.ApplicationInsights" Version="2.20.0" />
<PackageReference Include="Microsoft.ApplicationInsights.PerfCounterCollector" Version="2.20.0" />
</ItemGroup>
How do I know what are all the packages are required to support Azure App Insight and what is not required?

Thank you #VenkateshDodda-MSFT for the comment
As per this Document,
For collecting logs with Application Insights in .NET Applications , we need to add the below Nuget Package
Microsoft.ApplicationInsights.AspNetCore
After adding the Microsoft.ApplicationInsights.AspNetCore package , the below packages are added by default
Microsoft.ApplicationInsights.WorkerService nuget package is required to enable Application Insights for background services
Please refer What is created when you add Application Insights for more information

Could not load file or assembly 'System.IdentityModel.Tokens.Jwt, Version=5.6.0.0 after upgrading Azure Function's nuget packages to 3.0.4 or 3.0.5

We have had an Azure Function V3 that has a reference to another C# project in a VS 2019 solution. There are some extension methods in the other C# project using System.IdentityModel.Tokens.Jwt Version=5.6.0.0 assembly to perform token validation. The Azure Function has been working fine by using those extension methods to validate token. The following code snippet shows the nuget packages:
<PackageReference Include="Microsoft.Azure.Functions.Extensions" Version="1.0.0" />
<PackageReference Include="Microsoft.Azure.WebJobs.Extensions.SignalRService" Version="1.0.2" />
<PackageReference Include="Microsoft.Azure.EventGrid" Version="3.2.0" />
<PackageReference Include="Microsoft.Azure.WebJobs.Extensions.EventGrid" Version="2.1.0" />
<PackageReference Include="Microsoft.NET.Sdk.Functions" Version="3.0.3" />
We upgraded the nuget packages in the azure function according to the following list and started receiving the exception reflected the title of this ticket. What's the solution or workaround to solve this problem?
<PackageReference Include="Microsoft.Azure.Functions.Extensions" Version="1.0.0" />
<PackageReference Include="Microsoft.Azure.WebJobs.Extensions.SignalRService" Version="1.0.2" />
<PackageReference Include="Microsoft.Azure.EventGrid" Version="3.2.0" />
<PackageReference Include="Microsoft.Azure.WebJobs.Extensions.EventGrid" Version="2.1.0" />
<PackageReference Include="Microsoft.Azure.WebJobs.Script.ExtensionsMetadataGenerator" Version="1.1.4" />
<PackageReference Include="Microsoft.NET.Sdk.Functions" Version="3.0.4" />
We also tried Microsoft.NET.Sdk.Functions version 3.0.5 but it exhibits the same problem What is the solution for this problem? Is this an issue to be fixed in the upgraded nuget package?

Extremely slow package restores for Azure/Kudu build

We have issues with very long deployment times in Azure/Kudu due to extremely slow package restores for our .NET Core projects. Here is output from the log:
2017-05-15T08:33:50.4762761Z,Command: deploy.cmd,,0
2017-05-15T08:33:51.2574560Z,Restoring packages for MySolution.sln,,0
2017-05-15T08:59:16.3007973Z, Restoring packages for D:\home\site\repository\src\MyProject\MyProject.csproj...,,0
2017-05-15T08:59:22.6581127Z, Lock file has not changed. Skipping lock file write. Path: D:\home\site\repository\src\MyProject\obj\project.assets.json,,0
2017-05-15T08:59:22.6737370Z, Restore completed in 6.33 sec for D:\home\site\repository\src\MyProject\MyProject.csproj.,,0
2017-05-15T08:59:22.6737370Z, ,,0
2017-05-15T08:59:22.6737370Z, NuGet Config files used:,,0
2017-05-15T08:59:22.6908155Z, D:\local\AppData\NuGet\NuGet.Config,,0
2017-05-15T08:59:22.6908155Z, ,,0
2017-05-15T08:59:22.7049839Z, Feeds used:,,0
2017-05-15T08:59:22.7049839Z, https://api.nuget.org/v3/index.json,,0
2017-05-15T08:59:22.7362324Z,Building and publishing MyProject.csproj,,0
2017-05-15T08:59:23.2362247Z,Microsoft (R) Build Engine version 15.1.1012.6693,,0
2017-05-15T08:59:23.2520644Z,Copyright (C) Microsoft Corporation. All rights reserved.,,0
2017-05-15T08:59:23.2520644Z,,,0
2017-05-15T09:12:28.8924730Z, MyProject -> D:\home\site\repository\src\MyProject\bin\Release\netcoreapp1.1\MyProject.dll,,0
As you can see, it takes almost 30 minutes between these steps alone:
2017-05-15T08:33:51.2574560Z,Restoring packages for MySolution.sln,,0
2017-05-15T08:59:16.3007973Z, Restoring packages for D:\home\site\repository\src\MyProject\MyProject.csproj...,,0
Help is much appreciated.
UPDATE
It doesn't seem to be an issue only with package restore. Here's an example of when the build itself also takes an hour:
* 2017-09-06T11:27:45.4325294Z,Restoring packages for MySolution.sln,,0
* 2017-09-06T12:10:47.8765057Z, Restore completed in 974.85 ms for D:\home\site\repository\src\MyProject\MyProject.csproj.,,0
* 2017-09-06T12:10:47.9397198Z,Building and publishing MyProject.csproj,,0
* 2017-09-06T13:09:33.8740387Z,Microsoft (R) Build Engine version 15.3.409.57025 for .NET Core,,0
2017-09-06T13:09:33.8896654Z,Copyright (C) Microsoft Corporation. All rights reserved.,,0
2017-09-06T13:09:33.9052887Z,,,0
2017-09-06T13:29:16.1438980Z, MyProject -> D:\home\site\repository\src\MyProject\bin\Release\netcoreapp1.1\MyProject.dll,,0
2017-09-06T13:32:51.0677707Z, MyProject -> D:\local\Temp\8d4f51a4b579642\,,0
Nothing fancy is going on in the csproj:
<Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup>
<TargetFramework>netcoreapp1.1</TargetFramework>
<PreserveCompilationContext>true</PreserveCompilationContext>
<AssemblyName>MyProject</AssemblyName>
<OutputType>Exe</OutputType>
<PackageId>MyProject</PackageId>
<RuntimeFrameworkVersion>1.1.1</RuntimeFrameworkVersion>
<PackageTargetFallback>$(PackageTargetFallback);dotnet5.6;portable-net45+win8</PackageTargetFallback>
</PropertyGroup>
<ItemGroup>
<Compile Remove="*.ts;app\**\*" />
<None Update="rewrite-rules.xml">
<CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
</None>
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="1.1.1" />
<PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration" Version="1.1.1" />
<PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="1.1.1" />
<PackageReference Include="Microsoft.Extensions.Logging.Console" Version="1.1.1" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.1" />
<PackageReference Include="Microsoft.AspNetCore.Rewrite" Version="1.0.1" />
<PackageReference Include="Microsoft.AspNetCore.ResponseCompression" Version="1.0.1" />
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="1.0.2" />
<PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="1.1.2" />
<PackageReference Include="Microsoft.Extensions.Configuration" Version="1.1.2" />
<PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions" Version="1.1.2" />
<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.WebUtilities" Version="1.1.2" />
</ItemGroup>
</Project>

asp.net core migrated project.json to csproj and now i can't build for linux/mac

I have migrated my project.json to csproj using the 'Dotnet migrate' command from the terminal. But now I can no longer build or publish my app for osx or Linux using a command like 'dotnet build -f osx.10.11-x64' when I run this it iutputs the following. I also don't think the csproj created by the migrate tool will create a self contained app which is what I had before by removing the 'type=platform' from the project.json.
C:\Program Files\dotnet\sdk\1.0.0-rc4-004771\Sdks\Microsoft.NET.Sdk\build\Microsoft.NET.TargetFrameworkInference.targets(84,5): error : Cannot infer TargetFrameworkIdentifier and/or TargetFrameworkVersion from TargetFramework='osx.10.11-x64'. They must be specified explicitly.
This is my csproj file that was created by the migrate command.
<Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup>
<TargetFramework>netcoreapp1.1</TargetFramework>
<PreserveCompilationContext>true</PreserveCompilationContext>
<AssemblyName>sample</AssemblyName>
<OutputType>Exe</OutputType>
<PackageId>Kosmele</PackageId>
<RuntimeIdentifiers>osx.10.11-x64;ubuntu.16.04-x64</RuntimeIdentifiers>
<RuntimeFrameworkVersion>1.0.3</RuntimeFrameworkVersion>
</PropertyGroup>
<ItemGroup>
<Content Update="wwwroot\**\*;web.config">
<CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
</Content>
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="1.0.1" />
<PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="1.0.2" />
<PackageReference Include="Microsoft.Extensions.Logging.Console" Version="1.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging.Filter" Version="1.0.1" />
<PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="1.0.1" />
<PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions" Version="1.0.1" />
<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="1.0.1" />
<PackageReference Include="Microsoft.Extensions.Configuration.CommandLine" Version="1.0.1" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.0.1" />
<PackageReference Include="Serilog.Extensions.Logging.File" Version="1.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.0.1" />
</ItemGroup>
</Project>

The following bare bones .csproj file (for a ASP.NET MVC project) worked for me on OS X.
<Project Sdk="Microsoft.NET.Sdk.Web">
<PropertyGroup>
<TargetFramework>netcoreapp1.1</TargetFramework>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore" Version="1.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.0.2" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.0.1" />
<PackageReference Include="Microsoft.VisualStudio.Web.BrowserLink" Version="1.0.1" />
</ItemGroup>
</Project>

Resources