Initializing PnP.Core from .NET Core Startup Using Only AppSettings.json

[adamfisher]

I was following along with Configuring authentication in the docs but I am attempting to register PnP.Core using only appsettings.json but not seeing a clear example of how to do that. I am using certificate-based authentication as well.

I have this code in Startup.cs:

services.AddPnPCore();
services.Configure<PnPCoreOptions>(Configuration.GetSection("PnPCore"));
services.AddPnPCoreAuthentication();
services.Configure<PnPCoreAuthenticationOptions>(Configuration.GetSection("PnPCore"));

I have this configuration in appsettings.json:

"PnPCore": {
	"Credentials": {
		"DefaultConfiguration": "CertBasedAuthentication",
		"Configurations": {
			"CertBasedAuthentication": {
				"TenantId": "17cd3cf0-21a6-400e-8bdd-c8425c61f4a8",
				"ClientId": "340d7a99-e9ce-4786-8383-11ae78e378aa",
				"X509Certificate": {
					"StoreName": "My",
					"StoreLocation": "CurrentUser",
					"Thumbprint": "9QCDB674336CC49D54BB05FM196551C58EB73F53",
					"Certificate": {
						"Path": "MyPrivateKey.pfx",
						"Password": "1234"
					}
				}
			}
		}
	},
	"Sites": {
		"ProjectVault": {
			"SiteUrl": "https://demo.sharepoint.com/sites/ProjectSite",
			"AuthenticationProviderName": "CertBasedAuthentication"
		}
	}
}

However I am getting an error with the DI container that it cannot initialize my constructor dependency of type PnP.Core.Services.PnPContext. Do I need to configure something else to get a PnPContext to resolve?

[adamfisher]

My old startup code was doing it this way to get a PnPContext object as a dependency but I wanted to get this setup the correct way. What am I missing to get the PnPContext hooked in properly?

services.AddSingleton(_ =>
{
	var tenantId = "17cd3cf0-21a6-400e-8bdd-c8425c61f4a8";
	var clientId = "340d7a99-e9ce-4786-8383-11ae78e378aa";
	var siteUrl = new Uri("https://demo.sharepoint.com/sites/ProjectSite");
	var authManager = new AuthenticationManager(clientId, tenantId: tenantId);

	using var context = authManager.GetAccessTokenContext(siteUrl.ToString(), _ =>
	{
		var app = ConfidentialClientApplicationBuilder.Create(clientId)
			.WithCertificate(new X509Certificate2("MyPrivateKey.pfx", "1234"))
			.WithTenantId(tenantId)
			.Build();

		var resource = $"{siteUrl.Scheme}://{siteUrl.Authority}";
		var scopes = new[] { $"{resource}/.default" };
		var authResult = app.AcquireTokenForClient(scopes).ExecuteAsync().Result;
		return authResult.AccessToken;
	});

	var pnpClientContext = PnPCoreSdk.Instance.GetPnPContext(context);
	return pnpClientContext;
});

[adamfisher]

@sebastianmattar / @jansenbe I wonder if this is a bug here? I'm not sure how you would be able to specify configuration in appsettings.json to initialize an instance of an X509Certificate2? Ideally an instance of X509Certificate2 should be created as a result of some options values that get specified as part of the config but not be part of the options object itself 🤔.

pnpcore/src/sdk/PnP.Core.Auth/Services/Builder/Configuration/PnPCoreAuthenticationOptions.cs

Lines 151 to 154 in c6008d3

	/// <summary>
	/// Certificate can be set directly, if required
	/// </summary>
	public X509Certificate2 Certificate { get; set; }

[adamfisher]

If I have to do it in code, I tried adding it with this neat PostConfigure method to specify only the certificate via code:

services.PostConfigure<PnPCoreAuthenticationOptions>(options =>
	options.Credentials.Configurations["CertBasedAuthentication"].X509Certificate
			.Certificate = new X509Certificate2("MyPrivateKey.pfx", "1234")
);

I think that will work best and be the most clean if I have to specify it in code otherwise I'm just not sure how it would be serialized and specified in appsettings.json? Let me know if there is a better approach to do it directly in json and I will mark that one as the answer instead.

[jansenbe]

@adamfisher: This is a recommended approach, using PFX file and password using configuration file only is currently not supported.