无法从.net Core中的配置管理器获取用户机密

Question

I'm currently setting up a .net core web application, and have set up MailKit to handle it's email sending.

Rather than hard coding my smtp password I went with the user secret option. However for some reason every time I try to retrieve the password, it comes back as null. The Error:

An unhandled exception occurred while processing the request. ArgumentNullException: Value cannot be null. Parameter name: password MoveNext in MessageServices.cs, line 56

I was wondering if anyone can see what I'm missing!

Here is my MessageService.cs

    public class AuthMessageSender : IEmailSender, ISmsSender
{

    public IConfiguration Configuration { get; set; }

    public AuthMessageSender()
    {
        var builder = new ConfigurationBuilder()
               .SetBasePath(Directory.GetCurrentDirectory())
               .AddJsonFile("appsettings.json");
        Configuration = builder.Build();
    }
    public async Task SendEmailAsync(string email, string subject, string message, string fullName)
    {

        try
        {
            var _email = "info@*******.co.uk";
            var _epass = Configuration["AdminPassword:Email"];
            var _dispName = "Mark ****";
            var myMessage = new MimeMessage();
            var builder = new BodyBuilder();
            myMessage.To.Add(new MailboxAddress(fullName ?? "User", email));
            myMessage.From.Add(new MailboxAddress(_dispName, _email));
            myMessage.Subject = subject;
            builder.HtmlBody = message;
            myMessage.Body = builder.ToMessageBody();

            using (SmtpClient smtp = new SmtpClient())
            {
                bool UseSSL = true;
                string Host = "just22.justhost.com";
                int Port = 465;
                await smtp.ConnectAsync(Host, Port, UseSSL).ConfigureAwait(true);
                smtp.AuthenticationMechanisms.Remove("XOAUTH2");
                smtp.Authenticate(_email, _epass); // Note: only needed if the SMTP server requires authentication
                await smtp.SendAsync(myMessage).ConfigureAwait(false);
                await smtp.DisconnectAsync(true).ConfigureAwait(false);
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }


}

    public Task SendSmsAsync(string number, string message)
    {
        // Plug in your SMS service here to send a text message.
        return Task.FromResult(0);
    }

And here is my Start.cs

    public class Startup
{
    public Startup(IHostingEnvironment env)
    {
        var builder = new ConfigurationBuilder()
            .SetBasePath(env.ContentRootPath)
            .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
            .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);

        if (env.IsDevelopment())
        {
            // For more details on using the user secret store see http://go.microsoft.com/fwlink/?LinkID=532709
            builder.AddUserSecrets();
        }

        builder.AddEnvironmentVariables();
        Configuration = builder.Build();
    }

    public IConfigurationRoot Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        // Add framework services.
        services.AddDbContext<ApplicationDbContext>(options =>
            options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

        services.AddIdentity<ApplicationUser, IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();

        services.AddMvc();

        // Add application services.
        services.AddTransient<IEmailSender, AuthMessageSender>();
        services.AddTransient<ISmsSender, AuthMessageSender>();
        services.AddDistributedMemoryCache();
        services.AddSession();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public async void Configure(IApplicationBuilder app, IHostingEnvironment env,
        ILoggerFactory loggerFactory, IServiceProvider serviceProvider, ApplicationDbContext context)
    {
        loggerFactory.AddConsole(Configuration.GetSection("Logging"));
        loggerFactory.AddDebug();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
            app.UseBrowserLink();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseStaticFiles();
        app.UseSession();
        app.UseIdentity();

        // Add external authentication middleware below. To configure them please see http://go.microsoft.com/fwlink/?LinkID=532715
        app.UseFacebookAuthentication(new FacebookOptions()
        {
            AppId = Configuration["Authentication:Facebook:AppId"],
            AppSecret = Configuration["Authentication:Facebook:AppSecret"]
        });

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
        await CreateRoles(context, serviceProvider);
    }
    private async Task CreateRoles(ApplicationDbContext context, IServiceProvider serviceProvider)
    {
        var userManager = serviceProvider.GetRequiredService<UserManager<ApplicationUser>>();
        var RoleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>();
        // Create a list of roles with both name and normalised name attributes
        List<IdentityRole> roles = new List<IdentityRole>();
        roles.Add(new IdentityRole { Name = "Admin", NormalizedName = "ADMIN" });
        roles.Add(new IdentityRole { Name = "Member", NormalizedName = "MEMBER" });
        roles.Add(new IdentityRole { Name = "Moderator", NormalizedName = "MODERATOR" });
        // Check if the role already exists
        foreach (var role in roles)
        {
            var roleExist = await RoleManager.RoleExistsAsync(role.Name);
            if (!roleExist)
            {   // Add it if it doesn't
                context.Roles.Add(role);
                context.SaveChanges();
            }
        }
        var user = await userManager.FindByEmailAsync("mark****@gmail.com");
        if (user != null)
        {
            var gotRoles = userManager.GetRolesAsync(user);
            if (!gotRoles.Equals("Admin"))
            {
                await userManager.AddToRoleAsync(user, "Admin");
            }
        }
    }
}

I have checked to make sure the secret exists, which it does, along with Facebook Authentication secrets, which seem to work just fine.

If I hard code the password, the email gets sent. When I set break points I can see that the password is indeed null. I'm a bit stumped!

Thanks in advance.

Answer 1

New Answer based on information provided by @Kritner and this Link: Access to Configuration object from Startup class

First I created a POCO that had ALL of my SMTP properties that should be out of sight, like so:

        public class SmtpConfig
{
    public string EmailDisplayName { get; set; }
    public string SmtpPassworrd { get; set; }
    public string SmtpUserEmail { get; set; }
    public string SmtpHost { get; set; }
    public int SmtpPort { get; set; }
}

Then in My Startup.cs I added this to ConfigureServices:

            services.Configure<SmtpConfig>(optionsSetup =>
        {
            //get from appsetings.json file
            optionsSetup.SmtpPassworrd = Configuration["SMTP:Password"];
            optionsSetup.SmtpUserEmail = Configuration["SMTP:Email"];
            optionsSetup.SmtpHost = Configuration["SMTP:Host"];
            optionsSetup.SmtpPort = Convert.ToInt32(Configuration["SMTP:Port"]);
        });

Finally I edited my messageServices to look like this:

        public class AuthMessageSender : IEmailSender, ISmsSender
{
    private readonly IOptions<SmtpConfig> _smtpConfig;
    public IConfiguration Configuration { get; set; }

    public AuthMessageSender( IOptions<SmtpConfig> smtpConfig)
    {
        _smtpConfig = smtpConfig;
    }
    public async Task SendEmailAsync(string email, string subject, string message, string fullName)
    {

        try
        {
            var _email = _smtpConfig.Value.SmtpUserEmail;
            string _epass = _smtpConfig.Value.SmtpPassworrd;
            var _dispName = _smtpConfig.Value.EmailDisplayName;
            var myMessage = new MimeMessage();
            var builder = new BodyBuilder();
            myMessage.To.Add(new MailboxAddress(fullName ?? "User", email));
            myMessage.From.Add(new MailboxAddress(_dispName, _email));
            myMessage.Subject = subject;
            builder.HtmlBody = message;
            myMessage.Body = builder.ToMessageBody();

            using (SmtpClient smtp = new SmtpClient())
            {
                bool UseSSL = true;
                string Host = _smtpConfig.Value.SmtpHost;
                int Port = _smtpConfig.Value.SmtpPort;
                await smtp.ConnectAsync(Host, Port, UseSSL).ConfigureAwait(true);
                smtp.AuthenticationMechanisms.Remove("XOAUTH2");
                smtp.Authenticate(_email, _epass); // Note: only needed if the SMTP server requires authentication
                await smtp.SendAsync(myMessage).ConfigureAwait(true);
                await smtp.DisconnectAsync(true).ConfigureAwait(true);
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }


    }