Does my user-secrets store have incorrect values??

Question

Hello have had to reformat my computer and in the process lost my user-secrets store. Couldn't backup because I had blue screen of death prior. Anyway now that I have restored everything. I realize I'm having trouble displaying third party user from the Auth0 identity identity management platform. I could do it before reformat. But now I have forgotten how to do it. Am not seeing the hidden values

This is the code. The values from the "Auth0" property have been set correctly. That was easy. It's the AccessTokenManagement property I'm having trouble setting up in user store with the values ClientId and ClientSecret.

These are the steps I'm doing. I'm using randomly generated values here, not actual API keys.

dotnet user-secrets set "AccessTokenManagement:ClientId" "&4KD!ascJqCcmpgxPBzm9fo@5o#Y@pmdi7Ca"  
dotnet user-secrets set "AccessTokenManagement:ClientSecret" "3BmP#zxT6kPP&@9b3pc5nbNbBmce#L5FCPJ5"   

This is what some of the relevant code looks like in my appsettings.json file where I am calling the keys in json.

  "AccessTokenManagement": {  
    "Domain": "https://dev-dgdfgfdgf324.au.auth0.com",  
    "Clients": [  
      {  
        "Name": "UserService",  
        "ClientId": "NOT YET Stored as user-secret.",  
        "ClientSecret": "NOT YET Stored as user-secret.",  
        "Audience": "https://dev-dgdfgfdgf324.au.auth0.com/api/v2/"  
      }  
    ]  
  }  

That "Clients" keyword there in the code adds a layer of complexity that is beyond me. Am even doing it right please with settings the two variables I listed above?

UPDATE: 17/8/21

I have already seen this about how to setup user secrets https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-5.0&tabs=windows and it really helped but with the properties

"AccessTokenManagement:Clients:ClientSecret"
"AccessTokenManagement:Clients:ClientId"

I want to know how to set those specifically. I have already being able to set the Auth0 info just fine. It's the access token info I am struggling to set properly.

Answer 1

Hi @Jordan Nash ,

So my question is do the property names (not the values) match up with what you are seeing in appsettings.json snippet or have I set the property names incorrectly in my user-secrets store?

In the appsettings.json file, if contains the following value:

In the Startup.cs file, we use the following code to get the ClientId and ClientSecret from the appsettings.json:

        var clientid = Configuration["AccessTokenManagement:Clients:0:ClientId"];  
        var Audience = Configuration["AccessTokenManagement:Clients:0:Audience"];  

The result as below:

Then, to store the above value in the user secrets with the same property name, we could use the following code:

dotnet user-secrets set "AccessTokenManagement:Clients:0:ClientId" "auth0 clientid"  
dotnet user-secrets set "AccessTokenManagement:Clients:0:ClientSecret" "auth0 secret"  

After that, we can see the secret.json file as below:

Then, we can get the secret using the following code:

var domin = Configuration["AccessTokenManagement:Clients:0:ClientId"];     
var clientidd = Configuration["AccessTokenManagement:Clients:0:ClientSecret"];  

the result:

[Note] If using the same property name in appsettings.json and secret.json file, when we get the value, it will return the value from user secrets store.

If I misunderstand your question, please let me know freely.

---

If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Best regards,
Dillion

Answer 2

Hi @Jordan Nash ,

  <PropertyGroup>  
    <TargetFramework>netcoreapp5.0</TargetFramework>  
    <AddRazorSupportForMvc>true</AddRazorSupportForMvc>  
    <UserSecretsId>4bf8bccc-4c18-4438-895e-8b0279d7fa31</UserSecretsId>  
  </PropertyGroup>  

From the Pitcher.csproj file (the UserSecretsId attribute), we can see that you have already enable the User-Secrets in your application, try to right click your project (using visual studio 2019) and click the "Mange User Secrets" options, then, you can view/manage user secrets. Or open secrets file via File system path: %APPDATA%\Microsoft\UserSecrets\<user_secrets_id>\secrets.json

For example, I enabled the secret storage in my application and set the secrets:

The secrets.json file as below:

Then, in the Startup.cs file, we could access the secrets using the following code (Note the Key value):

        var domin = Configuration["Auth0:Domin"];  
        var clientidd = Configuration["Auth0:ClientId"];  

Since you lost the user-secrets store, if you can't find the user secrets based on the UserSecretsId, you need to re-enable the user secrets on your projects and re-set the user secrets.

Besides, from your code, you also store the Auth0 information in the appsettings.json file, if that is the case, in the Startup.cs file, you can also get the Auth0 information from the appsettings.json file, code like this:

        //get value from appsettings  
        var baseuri = Configuration["Auth0:ManagementApi:BaseUri"];  
        var clientid = Configuration["Auth0:ManagementApi:ClientId"];  

The appsettings.json file:

The result as below (Note the key value between getting value from app settings.Json and user secrets):

More detail information, see Configuration in ASP.NET Core and Safe storage of app secrets in development in ASP.NET Core.

---

If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Best regards,
Dillion