/// <summary>
/// Get the vault extended info.
/// </summary>
/// <param name='resourceGroupName'>
/// Required. The name of the resource group containing the job
/// collection.
/// </param>
/// <param name='resourceName'>
/// Required. The name of the resource.
/// </param>
/// <param name='parameters'>
/// Required. Upload Vault Certificate input parameters.
/// </param>
/// <param name='certFriendlyName'>
/// Required. Certificate friendly name
/// </param>
/// <param name='customRequestHeaders'>
/// Optional. Request header parameters.
/// </param>
/// <param name='cancellationToken'>
/// Cancellation token.
/// </param>
/// <returns>
/// The response model for the upload certificate response
/// </returns>
public async Task <UploadCertificateResponse> UploadCertificateAsync(string resourceGroupName, string resourceName, CertificateArgs parameters, string certFriendlyName, CustomRequestHeaders customRequestHeaders, CancellationToken cancellationToken)
{
// Validate
if (resourceGroupName == null)
{
throw new ArgumentNullException("resourceGroupName");
}
if (resourceName == null)
{
throw new ArgumentNullException("resourceName");
}
if (parameters == null)
{
throw new ArgumentNullException("parameters");
}
if (parameters.Properties == null)
{
throw new ArgumentNullException("parameters.Properties");
}
if (certFriendlyName == null)
{
throw new ArgumentNullException("certFriendlyName");
}
// Tracing
bool shouldTrace = TracingAdapter.IsEnabled;
string invocationId = null;
if (shouldTrace)
{
invocationId = TracingAdapter.NextInvocationId.ToString();
Dictionary <string, object> tracingParameters = new Dictionary <string, object>();
tracingParameters.Add("resourceGroupName", resourceGroupName);
tracingParameters.Add("resourceName", resourceName);
tracingParameters.Add("parameters", parameters);
tracingParameters.Add("certFriendlyName", certFriendlyName);
tracingParameters.Add("customRequestHeaders", customRequestHeaders);
TracingAdapter.Enter(invocationId, this, "UploadCertificateAsync", tracingParameters);
}
// Construct URL
string url = "";
url = url + "/Subscriptions/";
if (this.Client.Credentials.SubscriptionId != null)
{
url = url + Uri.EscapeDataString(this.Client.Credentials.SubscriptionId);
}
url = url + "/resourceGroups/";
url = url + Uri.EscapeDataString(resourceGroupName);
url = url + "/providers/";
url = url + Uri.EscapeDataString(this.Client.ResourceNamespace);
url = url + "/";
url = url + "SiteRecoveryVault";
url = url + "/";
url = url + Uri.EscapeDataString(resourceName);
url = url + "/certificates/";
url = url + Uri.EscapeDataString(certFriendlyName);
List <string> queryParameters = new List <string>();
queryParameters.Add("api-version=2015-03-15");
if (queryParameters.Count > 0)
{
url = url + "?" + string.Join("&", queryParameters);
}
string baseUrl = this.Client.BaseUri.AbsoluteUri;
// Trim '/' character from the end of baseUrl and beginning of url.
if (baseUrl[baseUrl.Length - 1] == '/')
{
baseUrl = baseUrl.Substring(0, baseUrl.Length - 1);
}
if (url[0] == '/')
{
url = url.Substring(1);
}
url = baseUrl + "/" + url;
url = url.Replace(" ", "%20");
// Create HTTP transport objects
HttpRequestMessage httpRequest = null;
try
{
httpRequest = new HttpRequestMessage();
httpRequest.Method = HttpMethod.Put;
httpRequest.RequestUri = new Uri(url);
// Set Headers
httpRequest.Headers.Add("x-ms-client-request-id", customRequestHeaders.ClientRequestId);
// Set Credentials
cancellationToken.ThrowIfCancellationRequested();
await this.Client.Credentials.ProcessHttpRequestAsync(httpRequest, cancellationToken).ConfigureAwait(false);
// Serialize Request
string requestContent = null;
JToken requestDoc = null;
JObject parametersValue = new JObject();
requestDoc = parametersValue;
if (parameters.Properties != null)
{
if (parameters.Properties is ILazyCollection == false || ((ILazyCollection)parameters.Properties).IsInitialized)
{
JObject propertiesDictionary = new JObject();
foreach (KeyValuePair <string, string> pair in parameters.Properties)
{
string propertiesKey = pair.Key;
string propertiesValue = pair.Value;
propertiesDictionary[propertiesKey] = propertiesValue;
}
parametersValue["properties"] = propertiesDictionary;
}
}
requestContent = requestDoc.ToString(Newtonsoft.Json.Formatting.Indented);
httpRequest.Content = new StringContent(requestContent, Encoding.UTF8);
httpRequest.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json; charset=utf-8");
// Send Request
HttpResponseMessage httpResponse = null;
try
{
if (shouldTrace)
{
TracingAdapter.SendRequest(invocationId, httpRequest);
}
cancellationToken.ThrowIfCancellationRequested();
httpResponse = await this.Client.HttpClient.SendAsync(httpRequest, cancellationToken).ConfigureAwait(false);
if (shouldTrace)
{
TracingAdapter.ReceiveResponse(invocationId, httpResponse);
}
HttpStatusCode statusCode = httpResponse.StatusCode;
if (statusCode != HttpStatusCode.OK)
{
cancellationToken.ThrowIfCancellationRequested();
CloudException ex = CloudException.Create(httpRequest, requestContent, httpResponse, await httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false));
if (shouldTrace)
{
TracingAdapter.Error(invocationId, ex);
}
throw ex;
}
// Create Result
UploadCertificateResponse result = null;
// Deserialize Response
if (statusCode == HttpStatusCode.OK)
{
cancellationToken.ThrowIfCancellationRequested();
string responseContent = await httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);
result = new UploadCertificateResponse();
JToken responseDoc = null;
if (string.IsNullOrEmpty(responseContent) == false)
{
responseDoc = JToken.Parse(responseContent);
}
if (responseDoc != null && responseDoc.Type != JTokenType.Null)
{
JToken propertiesValue2 = responseDoc["properties"];
if (propertiesValue2 != null && propertiesValue2.Type != JTokenType.Null)
{
CertificateProperties propertiesInstance = new CertificateProperties();
result.Properties = propertiesInstance;
JToken friendlyNameValue = propertiesValue2["friendlyName"];
if (friendlyNameValue != null && friendlyNameValue.Type != JTokenType.Null)
{
string friendlyNameInstance = ((string)friendlyNameValue);
propertiesInstance.FriendlyName = friendlyNameInstance;
}
JToken globalAcsHostNameValue = propertiesValue2["globalAcsHostName"];
if (globalAcsHostNameValue != null && globalAcsHostNameValue.Type != JTokenType.Null)
{
string globalAcsHostNameInstance = ((string)globalAcsHostNameValue);
propertiesInstance.GlobalAcsHostName = globalAcsHostNameInstance;
}
JToken globalAcsNamespaceValue = propertiesValue2["globalAcsNamespace"];
if (globalAcsNamespaceValue != null && globalAcsNamespaceValue.Type != JTokenType.Null)
{
string globalAcsNamespaceInstance = ((string)globalAcsNamespaceValue);
propertiesInstance.GlobalAcsNamespace = globalAcsNamespaceInstance;
}
JToken globalAcsRPRealmValue = propertiesValue2["globalAcsRPRealm"];
if (globalAcsRPRealmValue != null && globalAcsRPRealmValue.Type != JTokenType.Null)
{
string globalAcsRPRealmInstance = ((string)globalAcsRPRealmValue);
propertiesInstance.GlobalAcsRPRealm = globalAcsRPRealmInstance;
}
JToken resourceIdValue = propertiesValue2["resourceId"];
if (resourceIdValue != null && resourceIdValue.Type != JTokenType.Null)
{
long resourceIdInstance = ((long)resourceIdValue);
propertiesInstance.ResourceId = resourceIdInstance;
}
}
}
}
result.StatusCode = statusCode;
if (shouldTrace)
{
TracingAdapter.Exit(invocationId, result);
}
return(result);
}
finally
{
if (httpResponse != null)
{
httpResponse.Dispose();
}
}
}
finally
{
if (httpRequest != null)
{
httpRequest.Dispose();
}
}
}
public void HelloWorldSync()
{
// Environment variable with the Key Vault endpoint.
string keyVaultUrl = Environment.GetEnvironmentVariable("AZURE_KEYVAULT_URL");
// Instantiate a certificate client that will be used to call the service. Notice that the client is using
// default Azure credentials. To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID',
// 'AZURE_CLIENT_KEY' and 'AZURE_TENANT_ID' are set with the service principal credentials.
var client = new CertificateClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
// Let's create a self signed certifiate using the default policy. If the certificiate
// already exists in the Key Vault, then a new version of the key is created.
string certName = $"defaultCert-{Guid.NewGuid()}";
CertificateOperation certOp = client.StartCreateCertificate(certName);
// Next let's wait on the certificate operation to complete. Note that certificate creation can last an indeterministic
// amount of time, so applications should only wait on the operation to complete in the case the issuance time is well
// known and within the scope of the application lifetime. In this case we are creating a self-signed certificate which
// should be issued in a relatively short amount of time.
while (!certOp.HasCompleted)
{
certOp.UpdateStatus();
Thread.Sleep(certOp.PollingInterval);
}
// Let's get the created certificate along with it's policy from the Key Vault.
CertificateWithPolicy certificate = client.GetCertificateWithPolicy(certName);
Debug.WriteLine($"Certificate was returned with name {certificate.Name} which expires {certificate.Properties.Expires}");
// We find that the certificate has been compromised and we want to disable it so applications will no longer be able
// to access the compromised version of the certificate.
CertificateProperties certificateProperties = certificate.Properties;
certificateProperties.Enabled = false;
Certificate updatedCert = client.UpdateCertificateProperties(certificateProperties);
Debug.WriteLine($"Certificate enabled set to '{updatedCert.Properties.Enabled}'");
// We need to create a new version of the certificate that applications can use to replace the compromised certificate.
// Creating a certificate with the same name and policy as the compromised certificate will create another version of the
// certificate with similar properties to the original certificate
CertificateOperation newCertOp = client.StartCreateCertificate(certificate.Name, certificate.Policy);
while (!newCertOp.HasCompleted)
{
newCertOp.UpdateStatus();
Thread.Sleep(newCertOp.PollingInterval);
}
// The certificate is no longer needed, need to delete it from the Key Vault.
client.DeleteCertificate(certName);
// To ensure certificate is deleted on server side.
Assert.IsTrue(WaitForDeletedCertificate(client, certName));
// If the keyvault is soft-delete enabled, then for permanent deletion, deleted certificate needs to be purged.
client.PurgeDeletedCertificate(certName);
}
