.net core cookie登录和session的 DataProtectionProvider 加入 redis

                string redisConnectionString = Configuration.GetSection("Storage:Redis").GetValue<string>("ConnectionString");
                string redisInstanceName = Configuration.GetSection("Storage:Redis").GetValue<string>("InstanceName");
                services.AddDistributedRedisCache(options =>
                {
                    options.Configuration = $"{redisConnectionString},defaultDataBase=0";
                    options.InstanceName = redisInstanceName;
                });

                IDataProtectionBuilder dataProtectionBuilder = services.AddDataProtection()
                    .SetApplicationName("XXX")
                    .UseCryptographicAlgorithms(
                        new AuthenticatedEncryptorConfiguration()
                        {
                            EncryptionAlgorithm = EncryptionAlgorithm.AES_256_CBC,
                            ValidationAlgorithm = ValidationAlgorithm.HMACSHA256
                        })
                    .PersistKeysToRedis(ConnectionMultiplexer.Connect($"{redisConnectionString},defaultDataBase=0"), "XXX-DataProtection-Keys");

                services.AddSession(options =>
                {
                    options.IdleTimeout = TimeSpan.FromMinutes(20); //session活期时间
                    options.Cookie = new CookieBuilder()
                    {
                        Name = $".{GetType().Namespace}.Session",
                        HttpOnly = true,
                    };
                });

                services.AddSingleton(HtmlEncoder.Create(UnicodeRanges.All));//中文乱码

                services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
                {
                    options.DataProtectionProvider = CreateRedisDataProtectionProvider(ConnectionMultiplexer.Connect($"{redisConnectionString},defaultDataBase=1"));
                    //options.DataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(@"C:\_sso"));
                    options.SlidingExpiration = true;
                    options.LoginPath = "/account/signin";
                    options.Cookie = new CookieBuilder()
                    {
                        HttpOnly = true,
                        Name = $".{GetType().Namespace}",
                    };
                });

        IDataProtectionProvider CreateRedisDataProtectionProvider(IConnectionMultiplexer connection)
        {
            return new ServiceCollection()
                .AddDataProtection()
                .SetApplicationName("XXX.SSO")
                .UseCryptographicAlgorithms(
                    new AuthenticatedEncryptorConfiguration()
                    {
                        EncryptionAlgorithm = EncryptionAlgorithm.AES_256_CBC,
                        ValidationAlgorithm = ValidationAlgorithm.HMACSHA256
                    })
                .PersistKeysToRedis(connection, "XXX-SSO-DataProtection-Keys")
                .Services
                .BuildServiceProvider()
                .GetRequiredService<IDataProtectionProvider>();
        }

                app.UseAuthentication();
                app.UseSession();//在UseMvc前面
                app.UseMvc();