Relayering. Still needs cleanup.

Author: Tratcher

build/dependencies.props

@@ -16,7 +16,9 @@
     <MicrosoftAspNetCoreHttpPackageVersion>2.1.0-preview1-27845</MicrosoftAspNetCoreHttpPackageVersion>
     <MicrosoftAspNetCoreTestingPackageVersion>2.1.0-preview1-27845</MicrosoftAspNetCoreTestingPackageVersion>
     <MicrosoftAspNetCoreWebUtilitiesPackageVersion>2.1.0-preview1-27845</MicrosoftAspNetCoreWebUtilitiesPackageVersion>
+    <MicrosoftExtensionsConfigurationBinderPackageVersion>2.1.0-preview1-27845</MicrosoftExtensionsConfigurationBinderPackageVersion>
     <MicrosoftExtensionsConfigurationJsonPackageVersion>2.1.0-preview1-27845</MicrosoftExtensionsConfigurationJsonPackageVersion>
+    <MicrosoftExtensionsDependencyInjectionPackageVersion>2.1.0-preview1-27845</MicrosoftExtensionsDependencyInjectionPackageVersion>
     <MicrosoftExtensionsLoggingAbstractionsPackageVersion>2.1.0-preview1-27845</MicrosoftExtensionsLoggingAbstractionsPackageVersion>
     <MicrosoftExtensionsLoggingConsolePackageVersion>2.1.0-preview1-27845</MicrosoftExtensionsLoggingConsolePackageVersion>
     <MicrosoftExtensionsLoggingPackageVersion>2.1.0-preview1-27845</MicrosoftExtensionsLoggingPackageVersion>

src/Kestrel.Core/CoreStrings.resx

@@ -486,4 +486,13 @@
   <data name="CertNotFoundInStore" xml:space="preserve">
     <value>The requested certificate {subject} could not be found in {storeLocation}/{storeName} with AllowInvalid setting: {allowInvalid}.</value>
   </data>
+  <data name="EndpointMissingUrl" xml:space="preserve">
+    <value>The endpoint {endpointName} is missing the required 'Url' parameter.</value>
+  </data>
+  <data name="HttpsUrlProvidedButNoDevelopmentCertificateFound" xml:space="preserve">
+    <value>Unable to configure HTTPS endpoint. Try running 'dotnet developercertificates https -t' to setup a developer certificate for use with localhost. For information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054</value>
+  </data>
+  <data name="MultipleCertificateSources" xml:space="preserve">
+    <value>The endpoint {endpointName} specified multiple certificate sources.</value>
+  </data>
 </root>

src/Kestrel/EndpointConfiguration.cs renamed to src/Kestrel.Core/EndpointConfiguration.cs

@@ -14,7 +14,6 @@ internal class AddressBindContext
         public List<ListenOptions> ListenOptions { get; set; }
         public KestrelServerOptions ServerOptions { get; set; }
         public ILogger Logger { get; set; }
-        public IDefaultHttpsProvider DefaultHttpsProvider { get; set; }
 
         public Func<ListenOptions, Task> CreateBinding { get; set; }
     }

src/Kestrel.Core/Internal/AddressBindContext.cs

@@ -6,9 +6,9 @@
 using System.IO;
 using System.Linq;
 using System.Net;
-using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Hosting.Server.Features;
 using Microsoft.AspNetCore.Protocols;
 using Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Infrastructure;
@@ -21,7 +21,6 @@ internal class AddressBinder
         public static async Task BindAsync(IServerAddressesFeature addresses,
             KestrelServerOptions serverOptions,
             ILogger logger,
-            IDefaultHttpsProvider defaultHttpsProvider,
             Func<ListenOptions, Task> createBinding)
         {
             var listenOptions = serverOptions.ListenOptions;
@@ -36,7 +35,6 @@ public static async Task BindAsync(IServerAddressesFeature addresses,
                 ListenOptions = listenOptions,
                 ServerOptions = serverOptions,
                 Logger = logger,
-                DefaultHttpsProvider = defaultHttpsProvider ?? UnconfiguredDefaultHttpsProvider.Instance,
                 CreateBinding = createBinding
             };
 
@@ -178,7 +176,7 @@ public async Task BindAsync(AddressBindContext context)
                 {
                     try
                     {
-                        context.DefaultHttpsProvider.ConfigureHttps(httpsDefault);
+                        httpsDefault.UseHttps();
                     }
                     catch (Exception)
                     {
@@ -266,31 +264,12 @@ public virtual async Task BindAsync(AddressBindContext context)
 
                     if (https && !options.ConnectionAdapters.Any(f => f.IsHttps))
                     {
-                        context.DefaultHttpsProvider.ConfigureHttps(options);
+                        options.UseHttps();
                     }
 
                     await options.BindAsync(context).ConfigureAwait(false);
                 }
             }
         }
-
-        private class UnconfiguredDefaultHttpsProvider : IDefaultHttpsProvider
-        {
-            public static readonly UnconfiguredDefaultHttpsProvider Instance = new UnconfiguredDefaultHttpsProvider();
-
-            private UnconfiguredDefaultHttpsProvider()
-            {
-            }
-
-            public X509Certificate2 Certificate => null;
-
-            public void ConfigureHttps(ListenOptions listenOptions)
-            {
-                // We have to throw here. If this is called, it's because the user asked for "https" binding but for some
-                // reason didn't provide a certificate and didn't use the "DefaultHttpsProvider". This means if we no-op,
-                // we'll silently downgrade to HTTP, which is bad.
-                throw new InvalidOperationException(CoreStrings.UnableToConfigureHttpsBindings);
-            }
-        }
     }
 }

src/Kestrel.Core/Internal/AddressBinder.cs

@@ -74,7 +74,7 @@ private void ReadEndpoints()
                 var url = endpointConfig["Url"];
                 if (string.IsNullOrEmpty(url))
                 {
-                    throw new InvalidOperationException(KestrelStrings.FormatEndpointMissingUrl(endpointConfig.Key));
+                    throw new InvalidOperationException(CoreStrings.FormatEndpointMissingUrl(endpointConfig.Key));
                 }
 
                 var endpoint = new EndpointConfig()

src/Kestrel/Internal/ConfigurationReader.cs renamed to src/Kestrel.Core/Internal/ConfigurationReader.cs

@@ -12,14 +12,17 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Certificates.Generation.Sources" PrivateAssets="All" Version="$(MicrosoftAspNetCoreCertificatesGenerationSourcesPackageVersion)" />
     <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="$(MicrosoftAspNetCoreHostingAbstractionsPackageVersion)" />
     <PackageReference Include="Microsoft.AspNetCore.WebUtilities" Version="$(MicrosoftAspNetCoreWebUtilitiesPackageVersion)" />
     <PackageReference Include="Microsoft.Net.Http.Headers" Version="$(MicrosoftNetHttpHeadersPackageVersion)" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="$(MicrosoftExtensionsConfigurationBinderPackageVersion)" />
     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="$(MicrosoftExtensionsLoggingAbstractionsPackageVersion)" />
     <PackageReference Include="Microsoft.Extensions.Options" Version="$(MicrosoftExtensionsOptionsPackageVersion)" />
     <PackageReference Include="System.Threading.Tasks.Extensions" Version="$(SystemThreadingTasksExtensionsPackageVersion)" />
     <PackageReference Include="System.Memory" Version="$(SystemMemoryPackageVersion)" />
     <PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="$(SystemRuntimeCompilerServicesUnsafePackageVersion)" />
+    <PackageReference Include="System.Security.Cryptography.Cng" Version="$(SystemSecurityCryptographyCngPackageVersion)" />
   </ItemGroup>
 
   <ItemGroup>

src/Kestrel.Core/Internal/IDefaultHttpsProvider.cs

@@ -17,7 +17,7 @@
 
 namespace Microsoft.AspNetCore.Server.Kestrel
 {
-    public class KestrelConfigurationLoader : IKestrelConfigurationLoader
+    public class KestrelConfigurationLoader
     {
         internal KestrelConfigurationLoader(KestrelServerOptions options, IConfiguration configuration)
         {
@@ -216,13 +216,8 @@ public void Load()
                 if (https)
                 {
                     // Defaults
-                    httpsOptions.ServerCertificate = listenOptions.KestrelServerOptions.GetOverriddenDefaultCertificate();
-                    Options.GetHttpsDefaults()(httpsOptions);
-                    if (httpsOptions.ServerCertificate == null)
-                    {
-                        var provider = Options.ApplicationServices.GetRequiredService<IDefaultHttpsProvider>();
-                        httpsOptions.ServerCertificate = provider.Certificate; // May be null.
-                    }
+                    httpsOptions.ServerCertificate = listenOptions.KestrelServerOptions.DefaultCertificate;
+                    Options.HttpsDefaults(httpsOptions);
 
                     // Specified
                     httpsOptions.ServerCertificate = LoadCertificate(endpoint.Certificate, endpoint.Name)
@@ -259,7 +254,7 @@ private void LoadDefaultCert(ConfigurationReader configReader)
                 var defaultCert = LoadCertificate(defaultCertConfig, "Default");
                 if (defaultCert != null)
                 {
-                    Options.OverrideDefaultCertificate(defaultCert);
+                    Options.DefaultCertificate = defaultCert;
                 }
             }
         }
@@ -268,7 +263,7 @@ private X509Certificate2 LoadCertificate(CertificateConfig certInfo, string endp
         {
             if (certInfo.IsFileCert && certInfo.IsStoreCert)
             {
-                throw new InvalidOperationException(KestrelStrings.FormatMultipleCertificateSources(endpointName));
+                throw new InvalidOperationException(CoreStrings.FormatMultipleCertificateSources(endpointName));
             }
             else if (certInfo.IsFileCert)
             {

src/Kestrel.Core/Internal/IKestrelConfigurationLoader.cs

@@ -22,7 +22,6 @@ public class KestrelServer : IServer
         private readonly List<ITransport> _transports = new List<ITransport>();
         private readonly Heartbeat _heartbeat;
         private readonly IServerAddressesFeature _serverAddresses;
-        private readonly IDefaultHttpsProvider _defaultHttpsProvider;
         private readonly ITransportFactory _transportFactory;
 
         private bool _hasStarted;
@@ -34,12 +33,6 @@ public KestrelServer(IOptions<KestrelServerOptions> options, ITransportFactory t
         {
         }
 
-        public KestrelServer(IOptions<KestrelServerOptions> options, ITransportFactory transportFactory, ILoggerFactory loggerFactory, IDefaultHttpsProvider defaultHttpsProvider)
-            : this(transportFactory, CreateServiceContext(options, loggerFactory))
-        {
-            _defaultHttpsProvider = defaultHttpsProvider;
-        }
-
         // For testing
         internal KestrelServer(ITransportFactory transportFactory, ServiceContext serviceContext)
         {
@@ -159,7 +152,7 @@ async Task OnBind(ListenOptions endpoint)
                     await transport.BindAsync().ConfigureAwait(false);
                 }
 
-                await AddressBinder.BindAsync(_serverAddresses, Options, Trace, _defaultHttpsProvider, OnBind).ConfigureAwait(false);
+                await AddressBinder.BindAsync(_serverAddresses, Options, Trace, OnBind).ConfigureAwait(false);
             }
             catch (Exception ex)
             {

src/Kestrel/Internal/LoggerExtensions.cs renamed to src/Kestrel.Core/Internal/LoggerExtensions.cs

@@ -3,11 +3,17 @@
 
 using System;
 using System.Collections.Generic;
+using System.Linq;
 using System.Net;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.AspNetCore.Certificates.Generation;
 using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Server.Kestrel.Core.Internal;
+using Microsoft.AspNetCore.Server.Kestrel.Https;
+using Microsoft.AspNetCore.Server.Kestrel.Internal;
 using Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions.Internal;
 using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
 
 namespace Microsoft.AspNetCore.Server.Kestrel.Core
 {
@@ -61,17 +67,22 @@ public class KestrelServerOptions
         /// Provides a configuration source where endpoints will be loaded from on server start.
         /// The default is null.
         /// </summary>
-        public IKestrelConfigurationLoader ConfigurationLoader { get; set; }
+        public KestrelConfigurationLoader ConfigurationLoader { get; set; }
 
         /// <summary>
         /// A default configuration action for all endpoints. Use for Listen, configuration, the default url, and URLs.
         /// </summary>
         internal Action<ListenOptions> EndpointDefaults { get; set; } = _ => { };
 
         /// <summary>
-        /// Used to flow settings for connection adapters and other extensions.
+        /// A default configuration action for all https endpoints.
         /// </summary>
-        public IDictionary<string, object> AdapterData { get; } = new Dictionary<string, object>(0);
+        internal Action<HttpsConnectionAdapterOptions> HttpsDefaults { get; set; } = _ => { };
+
+        /// <summary>
+        /// The default server certificate for https endpoints. This is applied before HttpsDefaults.
+        /// </summary>
+        internal X509Certificate2 DefaultCertificate { get; set; }
 
         /// <summary>
         /// Specifies a configuration Action to run for each newly created endpoint. Calling this again will replace
@@ -82,6 +93,53 @@ public void ConfigureEndpointDefaults(Action<ListenOptions> configureOptions)
             EndpointDefaults = configureOptions ?? throw new ArgumentNullException(nameof(configureOptions));
         }
 
+        /// <summary>
+        /// Specifies a configuration Action to run for each newly created https endpoint. Calling this again will replace
+        /// the prior action.
+        /// </summary>
+        public void ConfigureHttpsDefaults(Action<HttpsConnectionAdapterOptions> configureOptions)
+        {
+            HttpsDefaults = configureOptions ?? throw new ArgumentNullException(nameof(configureOptions));
+        }
+
+        public void UseDefaultDeveloperCertificate()
+        {
+            var certificateManager = new CertificateManager();
+            var certificate = certificateManager.ListCertificates(CertificatePurpose.HTTPS, StoreName.My, StoreLocation.CurrentUser, isValid: true)
+                .FirstOrDefault();
+            var logger = ApplicationServices?.GetService<ILogger<KestrelServer>>();
+            if (certificate != null)
+            {
+                logger?.LocatedDevelopmentCertificate(certificate);
+                DefaultCertificate = certificate;
+            }
+            else
+            {
+                logger?.UnableToLocateDevelopmentCertificate();
+            }
+        }
+
+        /// <summary>
+        /// Creates a configuration loader for setting up Kestrel.
+        /// </summary>
+        public KestrelConfigurationLoader Configure()
+        {
+            var loader = new KestrelConfigurationLoader(this, new ConfigurationBuilder().Build());
+            ConfigurationLoader = loader;
+            return loader;
+        }
+
+        /// <summary>
+        /// Creates a configuration loader for setting up Kestrel that takes an IConfiguration as input.
+        /// This configuration must be scoped to the configuration section for Kestrel.
+        /// </summary>
+        public KestrelConfigurationLoader Configure(IConfiguration config)
+        {
+            var loader = new KestrelConfigurationLoader(this, config);
+            ConfigurationLoader = loader;
+            return loader;
+        }
+
         /// <summary>
         /// Bind to given IP address and port.
         /// </summary>