/// <summary>Gets the authentication token.</summary>
/// <returns></returns>
private async Task <string> GetAuthToken()
{
bool.TryParse(Environment.GetEnvironmentVariable(Constants.KeyVaultEnabled), out bool isKeyVaultEnabled);
if (isKeyVaultEnabled)
{
ClientId = await KeyVaultHelper.GetKeyValueAsync(Constants.ClientId);
ClientSecret = await KeyVaultHelper.GetKeyValueAsync(Constants.ClientSecret);
}
else
{
ClientId = Environment.GetEnvironmentVariable(Constants.ClientId);
ClientSecret = Environment.GetEnvironmentVariable(Constants.ClientSecret);
}
string ResourceId = Environment.GetEnvironmentVariable(Constants.ResourceId);
var authContext = CreateAuthenticationContext();
try
{
log.LogInformation(Constants.OAuthBearerTokenGenerationStarted);
ClientCredential clientCredential = new ClientCredential(ClientId, ClientSecret);
var token = await authContext.AcquireTokenAsync(ResourceId, clientCredential);
log.LogInformation(Constants.OAuthBearerTokenGenerationCompleted);
return(token.AccessToken);
}
catch (Exception ex)
{
log.LogInformation(Constants.OAuthBearerTokenGenerationFailed);
log.LogInformation(ex.InnerException.ToString());
throw ex;
}
}
/// <summary>
/// ProcessRecord
/// </summary>
protected override void ProcessRecord()
{
Data.KeyVault KeyVault = KeyVaultHelper.GetItemThrow(null, VaultName, true);
if (!(String.IsNullOrEmpty(KeyVault.Thumbprint)))
{
WriteError(
(new PSAdminException(PSAdminExceptionType.ParameterDefined, String.Format("in KeyVault '{0}' with the name of '{1}'", VaultName, Thumbprint))).GetErrorRecord()
);
return;
}
Data.KeyVaultCertificate[] SearchCertificate = KeyVaultCertificateHelper.GetItemsThrow(null, KeyVault.VaultName, null, Thumbprint, null, false, true);
X509Certificate2 x509 = (X509Certificate2)SearchCertificate[0].Certificate;
if ((x509.HasPrivateKey == false) || (x509.PrivateKey == null))
{
WriteError(
(new PSAdminException(PSAdminExceptionType.CertificatePrivateKey, Thumbprint)).GetErrorRecord()
);
return;
}
Hashtable filter = new Hashtable {
{ "Id", KeyVault.Id },
{ "VaultName", KeyVault.VaultName },
};
Hashtable row = new Hashtable {
{ "Thumbprint", x509.Thumbprint },
{ "VaultKey", ((RSACryptoServiceProvider)x509.PublicKey.Key).Encrypt(KeyVault.VaultKey, true) }
};
bool issuccessful = KeyVaultHelper.SetItemsThrow(row, filter, true);
}
public Startup(IWebHostEnvironment env, IConfiguration configuration)
{
Configuration = configuration;
if (env.IsDevelopment())
{
// 開発:UserSecretsから取得
Configuration[Constants.AppSettingPath.Secrets.ClientSecret] =
configuration.GetValue <string>(Constants.UserSecrets.ClientSecret);
Configuration[Constants.AppSettingPath.Secrets.DbConnectionString] =
configuration.GetConnectionString(Constants.UserSecrets.ConnectionStrings.Database);
Configuration[Constants.AppSettingPath.Secrets.SlackAppToken] =
configuration.GetValue <string>(Constants.UserSecrets.SlackAppToken);
}
else
{
// 開発以外:appsettings.jsonの値でKeyVaultを参照しシークレットを取得して上書き
Configuration[Constants.AppSettingPath.Secrets.ClientSecret] =
KeyVaultHelper.GetSecretFromKeyVaultAsync(Configuration[Constants.AppSettingPath.Secrets.ClientSecret]).Result.Result;
Configuration[Constants.AppSettingPath.Secrets.DbConnectionString] =
KeyVaultHelper.GetSecretFromKeyVaultAsync(Configuration[Constants.AppSettingPath.Secrets.DbConnectionString]).Result.Result;
Configuration[Constants.AppSettingPath.Secrets.SlackAppToken] =
KeyVaultHelper.GetSecretFromKeyVaultAsync(Configuration[Constants.AppSettingPath.Secrets.SlackAppToken]).Result.Result;
}
}
/// <summary>
/// Process Record
/// </summary>
protected override void ProcessRecord()
{
Data.KeyVault KeyVault = KeyVaultHelper.GetItemThrow(null, VaultName, true);
Data.KeyVaultCertificate[] SearchCertificate = KeyVaultCertificateHelper.GetItemsThrow(null, VaultName, Name, null, null, false, true);
// Note: This will only ever return one item
foreach (Data.KeyVaultCertificate Certificate in SearchCertificate)
{
X509Certificate2 x509 = (X509Certificate2)Certificate.Certificate;
byte[] CertificateByteArray = x509.Export(X509ContentType.Pkcs12, Password);
x509.Dispose();
switch (ParameterSetName)
{
case ImportFromFileParameterSetName:
File.WriteAllBytes(FileName, CertificateByteArray);
break;
case ImportFromStringParameterSetName:
WriteObject(
Convert.ToBase64String(CertificateByteArray)
);
break;
default:
WriteError(
(new PSAdminException(PSAdminExceptionType.ParameterSetNotFound, Name, "Name")).GetErrorRecord()
);
return;
}
}
}
/// <summary>
/// Run the app
/// </summary>
/// <param name="keyvaultName">Keyvault Name</param>
/// <param name="authType">Authentication Type</param>
/// <param name="dryRun">Dry Run flag</param>
/// <returns></returns>
public static async Task <int> RunApp(string keyvaultName, AuthenticationType authType, LogLevel logLevel, bool dryRun)
{
// validate keyvaultName and convert to URL
if (!KeyVaultHelper.BuildKeyVaultConnectionString(keyvaultName, out string kvUrl))
{
return(-1);
}
try
{
// setup ctl c handler
ctCancel = SetupCtlCHandler();
AppLogLevel = logLevel;
// build the host
host = await BuildHost(kvUrl, authType).ConfigureAwait(false);
if (host == null)
{
return(-1);
}
// don't start the web server
if (dryRun)
{
return(DoDryRun(kvUrl, authType));
}
// log startup messages
LogStartup();
// start the webserver
var w = host.RunAsync();
// this doesn't return except on ctl-c
await w.ConfigureAwait(false);
// use this line instead if you want to re-read the Cosmos connection info on a timer
//await RunKeyRotationCheck(ctCancel, Constants.KeyVaultChangeCheckSeconds).ConfigureAwait(false);
// if not cancelled, app exit -1
return(ctCancel.IsCancellationRequested ? 0 : -1);
}
catch (Exception ex)
{
// end app on error
if (logger != null)
{
logger.LogError($"Exception: {ex}");
}
else
{
Console.WriteLine($"{ex}\nError in Main() {ex.Message}");
}
return(-1);
}
}
public async System.Threading.Tasks.Task TestMethod1Async()
{
KeyVaultHelper helper = new KeyVaultHelper();
EncrptHandler e = new EncrptHandler();
string ed = e.EncryptData("gaurav");
string keyVaulturl = "https://gaurav-1.vault.azure.net/";
string keyname = "gaurav-key1";
KeyBundle x = await helper.CreateKey(keyVaulturl, keyname);
byte[] wrapped_key = await helper.WrapKey(e.aesM.Key, keyVaulturl, keyname);
string secretname = "gaurav-secret";
string value = Convert.ToBase64String(wrapped_key);
helper.CreateSecretInKeyvaultTostoreWrappedKey(value, keyVaulturl, secretname);
string wrapped_Aes_key_which_is_stored_in_keyvault = (await helper.GetSecret(keyVaulturl, secretname)).Value;
Console.WriteLine(wrapped_Aes_key_which_is_stored_in_keyvault);
//Console.WriteLine("llalla");
Console.WriteLine(value);
byte[] wrapped_aes_key_which_is_stored_in_keyvault = Convert.FromBase64String(wrapped_Aes_key_which_is_stored_in_keyvault);
byte[] aesKey = await helper.UnwrapKey(wrapped_aes_key_which_is_stored_in_keyvault, keyVaulturl, keyname);
string dd = e.DecryptData(ed, aesKey);
Assert.AreEqual("gaurav", dd);
Console.WriteLine(ed);
Console.WriteLine(dd);
}
public static async Task <JsonWebKey> GetKeyFromKeyVaultAsync(this string keyName, IKeyVaultHelperSettings settings = null)
{
var manager = new KeyVaultHelper(settings ?? KeyVaultHelperSettingsResolver.Current);
var result = await manager.GetKeyBundleAsync(keyName);
return(result.Key);
}
public static async Task <X509Certificate2> GetAsync()
{
int retries = 0;
const int maxRetries = 4;
const string certName = "JwtCert";
while (true)
{
try
{
/* The next four lines of code show you how to use AppAuthentication library to fetch secrets from your key vault */
// Note that for this to work on developer machine, you must install Azure CLI and log in
SecretBundle secretBundle = await KeyVaultHelper.GetSecretAsync(certName);
return(new X509Certificate2(Convert.FromBase64String(secretBundle.Value)));
}
/* If you have throttling errors see this tutorial https://docs.microsoft.com/azure/key-vault/tutorial-net-create-vault-azure-web-app */
/// <exception cref="KeyVaultErrorException">
/// Thrown when the operation returned an invalid status code
/// </exception>
catch (KeyVaultErrorException keyVaultException)
{
if (retries < maxRetries)
{
retries++;
await Task.Delay(getWaitTime(retries));
}
else
{
throw keyVaultException;
}
}
}
}
public void FillQueue()
{
KeyVaultHelper.LogIntoKeyVault();
var connectionString = KeyVaultHelper.GetSecret("https://spotify-matchmaker.vault.azure.net/secrets/storage-connection-string/");
// Retrieve storage account from connection string.
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(connectionString);
// Create the queue client.
CloudQueueClient queueClient = storageAccount.CreateCloudQueueClient();
// Retrieve a reference to a queue.
CloudQueue queue = queueClient.GetQueueReference("spotify-queue");
// Create the queue if it doesn't already exist.
queue.CreateIfNotExists();
HashSet <string> partyCodes = new HashSet <string>();
for (int i = 0; i < 100; i++)
{
// Party newParty = MakeRandomParty();
string randomCode = RandomString(4);
partyCodes.Add(randomCode);
}
// Create a message and add it to the queue.
CloudQueueMessage message = new CloudQueueMessage("Hello, World");
queue.AddMessage(message);
}
public static async Task <string> GetSecretFromKeyVaultAsync(this string secretName, IKeyVaultHelperSettings settings = null)
{
var manager = new KeyVaultHelper(settings ?? KeyVaultHelperSettingsResolver.Current);
var result = await manager.GetSecretBundleAsync(secretName);
return(result.Value);
}
static async Task Main(string[] args)
{
var client = new SecretClient(KeyVaultHelper.GetVaultUri(VAULT_NAME), new DefaultAzureCredential());
var secret = await client.GetSecretAsync(SECRET_NAME);
Console.WriteLine($"The secret value I retrieved from Key Vault: {secret.Value}!");
}
/// <summary>
/// Process Record
/// </summary>
protected override void ProcessRecord()
{
Data.KeyVault[] vaults = KeyVaultHelper.GetItemsThrow(null, VaultName, !Match);
Data.Computer[] computers = GetPSAdminComputer.Call(Id, VaultName, ComputerName, null, !Match);
if ((Match == false) && (computers.Length < 1))
{
WriteError(
(new PSAdminException(PSAdminExceptionType.ItemNotFoundLookup, ComputerName, "ComputerName")).GetErrorRecord()
);
return;
}
// Unroll the object
foreach (Data.Computer computer in computers)
{
if (!ShouldProcess(computer.ComputerName, "Remove"))
{
continue;
}
bool IsSuccessful = Call(computer.Id, computer.VaultName, computer.ComputerName, !Match);
if (!IsSuccessful)
{
WriteError(
(new PSAdminException(PSAdminExceptionType.RowDelete)).GetErrorRecord()
);
}
}
}
public static void Run([QueueTrigger("spotify-queue", Connection = "AzureWebJobsStorage")] string myQueueItem, ILogger log)
{
log.LogInformation($"C# Queue trigger function processed: {myQueueItem}");
// parse the json queue data for party code
var jObject = JObject.Parse(myQueueItem);
var jToken = jObject.GetValue("party_code");
string partyCode = jToken.ToString();
KeyVaultHelper.LogIntoKeyVault();
var connectionString = KeyVaultHelper.GetSecret("https://spotify-matchmaker.vault.azure.net/secrets/storage-connection-string/");
var table = AzureStorageHelper.GetOrCreateTableAsync("partyCodes", connectionString).Result;
var accessTokens = AzureStorageHelper.GetParty(partyCode, table).GetAccessTokens();
log.LogInformation($"Access token for party code: {partyCode}");
foreach (var token in accessTokens)
{
// log.LogInformation($"Access token: {token}");
}
//take the party code and go to Azure Cosmos DB to lookup the party
//grab spotify tokens from Cosmos DB and snoop through their music collections
;
}
public IActionResult About()
{
ViewData["Message"] = "Your application description page.";
var valueFromKeyVault = KeyVaultHelper.GetValueAsync(Configuration["AuthorizationkeyFromKeyVault"]).GetAwaiter().GetResult();
ViewData["AuthorizationKey"] = valueFromKeyVault;
return(View());
}
/// <summary>
/// Build the web host
/// </summary>
/// <param name="kvUrl">URL of the Key Vault</param>
/// <param name="authType">MI, CLI, VS</param>
/// <returns>Web Host ready to run</returns>
private static async Task <IWebHost> BuildHost(string kvUrl, AuthenticationType authType)
{
// create the Key Vault Client
KeyVaultClient kvClient = await KeyVaultHelper.GetKeyVaultClient(kvUrl, authType, Constants.CosmosDatabase).ConfigureAwait(false);
if (kvClient == null)
{
return(null);
}
// build the config
// we need the key vault values for the DAL
config = BuildConfig(kvClient, kvUrl);
// configure the web host builder
IWebHostBuilder builder = WebHost.CreateDefaultBuilder()
.UseConfiguration(config)
.UseUrls(string.Format(System.Globalization.CultureInfo.InvariantCulture, $"http://*:{Constants.Port}/"))
.UseStartup <Startup>()
.UseShutdownTimeout(TimeSpan.FromSeconds(Constants.GracefulShutdownTimeout))
.ConfigureServices(services =>
{
// add the data access layer via DI
services.AddDal(
new Uri(config.GetValue <string>(Constants.CosmosUrl)),
config.GetValue <string>(Constants.CosmosKey),
config.GetValue <string>(Constants.CosmosDatabase),
config.GetValue <string>(Constants.CosmosCollection));
// add the KeyVaultConnection via DI
services.AddKeyVaultConnection(kvClient, kvUrl);
// add IConfigurationRoot
services.AddSingleton <IConfigurationRoot>(config);
services.AddKeyRotation();
services.AddResponseCaching();
});
// configure logger based on command line
builder.ConfigureLogging(logger =>
{
logger.ClearProviders();
logger.AddConsole();
// if you specify the --log-level option, it will override the appsettings.json options
// remove any or all of the code below that you don't want to override
if (App.IsLogLevelSet)
{
logger.AddFilter("Microsoft", AppLogLevel)
.AddFilter("System", AppLogLevel)
.AddFilter("Default", AppLogLevel)
.AddFilter("CSE.Helium", AppLogLevel);
}
});
// build the host
return(builder.Build());
}
public override async Task <string> GetSecret(string secretName)
{
string token = KeyVaultHelper.getToken();
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
var secret = await keyVaultClient.GetSecretAsync("https://reubenkv.vault.azure.net/secrets/" + secretName);
return(secret.Value);
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = null)] HttpRequest req,
ILogger log)
{
var client = new SecretClient(KeyVaultHelper.GetVaultUri(VAULT_NAME), new DefaultAzureCredential());
var secret = (await client.GetSecretAsync(SECRET_NAME)).Value;
return(new OkObjectResult($"The secret value I retrieved from Key Vault: {secret.Value}!"));
}
/// <summary>
/// Process Record
/// </summary>
protected override void ProcessRecord()
{
Data.KeyVault[] results = KeyVaultHelper.GetItems(Id, VaultName, Exact);
// Unroll the object
foreach (Data.KeyVault result in results)
{
WriteObject(result);
}
}
static async Task Main(string[] args)
{
var tokenProvider = new AzureServiceTokenProvider();
var callback = new KeyVaultClient.AuthenticationCallback(tokenProvider.KeyVaultTokenCallback);
var client = new KeyVaultClient(callback);
var secret = await client.GetSecretAsync(KeyVaultHelper.GetVaultUrl(VAULT_NAME), SECRET_NAME);
Console.WriteLine($"The secret value I retrieved from Key Vault: {secret.Value}!");
}
private static void Init()
{
var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
Console.WriteLine($"Environment: {environment}");
var builder = new ConfigurationBuilder()
.AddJsonFile($"appsettings.{environment}.json", true, true)
.AddEnvironmentVariables();
IConfigurationRoot Configuration = builder.Build();
// Retrieve configuration from sections
ApplicationSettings.ConnectionString = Configuration.GetSection("ApplicationSettings:ConnectionString")?.Value;
ApplicationSettings.DatabaseId = Configuration.GetSection("ApplicationSettings:DatabaseId")?.Value;
ApplicationSettings.UserCollection = Configuration.GetSection("ApplicationSettings:UserCollection")?.Value;
ApplicationSettings.RabbitMQUsername = Configuration.GetSection("ApplicationSettings:RabbitMQUsername")?.Value;
ApplicationSettings.RabbitMQPassword = Configuration.GetSection("ApplicationSettings:RabbitMQPassword")?.Value;
ApplicationSettings.RabbitMQHostname = Configuration.GetSection("ApplicationSettings:RabbitMQHostname")?.Value;
ApplicationSettings.RabbitMQPort = Convert.ToInt16(Configuration.GetSection("ApplicationSettings:RabbitMQPort")?.Value);
ApplicationSettings.UserRegistrationQueueName = Configuration.GetSection("ApplicationSettings:UserRegistrationQueueName")?.Value;
ApplicationSettings.KeyVaultCertificateName = Configuration.GetSection("ApplicationSettings:KeyVaultCertificateName")?.Value;
ApplicationSettings.KeyVaultClientId = Configuration.GetSection("ApplicationSettings:KeyVaultClientId")?.Value;
ApplicationSettings.KeyVaultClientSecret = Configuration.GetSection("ApplicationSettings:KeyVaultClientSecret")?.Value;
ApplicationSettings.KeyVaultIdentifier = Configuration.GetSection("ApplicationSettings:KeyVaultIdentifier")?.Value;
ApplicationSettings.KeyVaultEncryptionKey = Configuration.GetSection("ApplicationSettings:KeyVaultEncryptionKey")?.Value;
ApplicationSettings.SendGridAPIKey = Configuration.GetSection("ApplicationSettings:SendGridAPIKey")?.Value;
mongoDBConnectionInfo = new MongoDBConnectionInfo()
{
ConnectionString = ApplicationSettings.ConnectionString,
DatabaseId = ApplicationSettings.DatabaseId,
UserCollection = ApplicationSettings.UserCollection
};
keyVaultConnectionInfo = new KeyVaultConnectionInfo()
{
CertificateName = ApplicationSettings.KeyVaultCertificateName,
ClientId = ApplicationSettings.KeyVaultClientId,
ClientSecret = ApplicationSettings.KeyVaultClientSecret,
KeyVaultIdentifier = ApplicationSettings.KeyVaultIdentifier
};
using (KeyVaultHelper keyVaultHelper = new KeyVaultHelper(keyVaultConnectionInfo))
{
secret = keyVaultHelper.GetVaultKeyAsync(ApplicationSettings.KeyVaultEncryptionKey).Result;
}
using (BlockchainHelper blockchainHelper = new BlockchainHelper())
{
wordlist = blockchainHelper.ReadMnemonic();
}
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
Settings.AuthorizationKey = Configuration.GetSection("ApplicationSettings:AuthorizationKey")?.Value;
Settings.KeyVaultEncryptionKey = Configuration.GetSection("ApplicationSettings:KeyVaultEncryptionKey")?.Value;
Settings.KeyVaultApplicationCode = Configuration.GetSection("ApplicationSettings:KeyVaultApplicationCode")?.Value;
// Add Application Insights services into service collection
services.AddApplicationInsightsTelemetry();
// Add the standard telemetry client
services.AddSingleton <TelemetryClient, TelemetryClient>();
// Adding EncryptionKey and ApplicationCode
using (KeyVaultHelper keyVaultHelper = new KeyVaultHelper(EnvironmentName, ContentRootPath))
{
Settings.KeyVaultEncryptionKey = Configuration.GetSection("ApplicationSettings:KeyVaultEncryptionKey")?.Value;
EncryptionKey = keyVaultHelper.GetVaultKeyAsync(Settings.KeyVaultEncryptionKey).Result;
Settings.KeyVaultApplicationCode = Configuration.GetSection("ApplicationSettings:KeyVaultApplicationCode")?.Value;
ApplicationCode = keyVaultHelper.GetVaultKeyAsync(Settings.KeyVaultApplicationCode).Result;
}
// Adding Consul hosted service
using (ConsulHelper consulHelper = new ConsulHelper(EnvironmentName, ContentRootPath))
{
consulHelper.Initialize(services, Configuration);
}
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = "https://BotApp.Luis.Router.Identity",
ValidAudience = "https://BotApp.Luis.Router.Identity",
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Settings.AuthorizationKey))
};
});
services.AddCors(o => o.AddPolicy("AllowAllPolicy", options =>
{
options.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
}
/// <summary>
/// Process Record
/// </summary>
protected override void ProcessRecord()
{
String Id = Guid.NewGuid().ToString().Replace("-", "");
KeyVaultHelper.NewItemThrow(Id, VaultName, Location, VaultURI, SoftDeleteEnabled, Tags);
if (Passthru)
{
Data.KeyVault result = KeyVaultHelper.GetItem(null, VaultName, true);
WriteObject(result);
}
}
public static void Main(string[] args)
{
try
{
EnvironmentConfig.Initialize();
TelemetryConfiguration telemetryConfig = new TelemetryConfiguration(
EnvironmentConfig.Singleton.AppInsightsInstrumentationKey);
TelemetryHelper.Initilize(telemetryConfig, SourceName);
}
catch (Exception error)
{
Console.WriteLine(
"UNHANDLED EXCEPTION during initialization before TelemetryClient oculd be created: {0}",
error);
throw;
}
try
{
_ = EnvironmentConfig.Singleton.TenantId;
_ = EnvironmentConfig.Singleton.AllowedUsers;
KeyVaultHelper.Initialize(new Uri(EnvironmentConfig.Singleton.KeyVaultUri), new DefaultAzureCredential());
using (CosmosClient client =
KeyVaultHelper.Singleton.CreateCosmosClientFromKeyVault(
EnvironmentConfig.Singleton.MigrationMetadataCosmosAccountName,
WebAppUserAgentPrefix,
useBulk: false,
retryOn429Forever: true))
{
MigrationConfigDal.Initialize(
client.GetContainer(
EnvironmentConfig.Singleton.MigrationMetadataDatabaseName,
EnvironmentConfig.Singleton.MigrationMetadataContainerName),
EnvironmentConfig.Singleton.DefaultSourceAccount,
EnvironmentConfig.Singleton.DefaultDestinationAccount);
CreateHostBuilder(args).Build().Run();
}
}
catch (Exception unhandledException)
{
TelemetryHelper.Singleton.LogError(
"UNHANDLED EXCEPTION: {0}",
unhandledException);
throw;
}
}
private void CreateCloudStroageHandler()
{
bool.TryParse(Environment.GetEnvironmentVariable(Constants.KeyVaultEnabled), out bool isKeyVaultEnabled);
if (isKeyVaultEnabled)
{
storageAccount = CloudStorageAccount.Parse(KeyVaultHelper.GetKeyValueAsync(Constants.StorageContainerConnectionString).Result);
}
else
{
storageAccount = CloudStorageAccount.Parse(Environment.GetEnvironmentVariable(Constants.StorageContainerConnectionString));
}
EnsureRequiredContainers();
}
private async Task SendWebPushNotificationAsync(string userId, string notificationType, string notificationId, ITenant tenant, WebPushTemplate webPushTemplate)
{
if (webPushTemplate is null)
{
throw new Exception($"There is no WebPushTemplate defined for tenant: {tenant.Id} and notification type: {notificationType}");
}
// UserId will be a combination of tenantId and userId of that business.
string airshipUserId = $"{tenant.Id}:{userId}";
// Fetch the shared airship config url from the tenant
tenant.Properties.TryGet(Constants.TenantPropertyNames.AirshipKeyVaultUrl, out string airshipKeyVaultUrl);
if (string.IsNullOrEmpty(airshipKeyVaultUrl))
{
throw new Exception($"There is no SharedAirshipConfig defined for tenant: {tenant.Id} and notification type: {notificationType}");
}
string?airshipSecretsString = await KeyVaultHelper.GetDeliveryChannelSecretAsync(this.configuration, airshipKeyVaultUrl).ConfigureAwait(false);
if (string.IsNullOrEmpty(airshipSecretsString))
{
throw new Exception("There is no airship delivery channel configuration setup in the keyvault");
}
// Convert secret to airship secret model
Airship airshipSecrets = JsonConvert.DeserializeObject <Airship>(airshipSecretsString);
var airshipDeliveryChannelObject = new AirshipDeliveryChannel(
webPushTemplate.Title !,
webPushTemplate.Body !,
webPushTemplate.ActionUrl !);
try
{
AirshipWebPushResponse?airshipResponse = await this.SendAirshipNotificationAsync(
airshipUserId,
airshipDeliveryChannelObject,
airshipSecrets).ConfigureAwait(false);
await this.UpdateNotificationDeliveryStatusAsync(
airshipDeliveryChannelObject.ContentType,
notificationId,
airshipResponse is null?UserNotificationDeliveryStatus.Unknown : UserNotificationDeliveryStatus.NotTracked,
tenant).ConfigureAwait(false);
}
catch (Exception ex)
{
await this.UpdateNotificationDeliveryStatusAsync(airshipDeliveryChannelObject.ContentType, notificationId, UserNotificationDeliveryStatus.PermanentlyFailed, tenant, ex.Message).ConfigureAwait(false);
}
}
/// <summary>
/// Process Record
/// </summary>
protected override void ProcessRecord()
{
Data.KeyVault[] vaults = KeyVaultHelper.GetItemsThrow(Id, VaultName, !Match);
// This should always remove item as exact values.
foreach (Data.KeyVault vault in vaults)
{
if (!ShouldProcess(vault.VaultName, "Remove"))
{
continue;
}
KeyVaultHelper.RemoveItems(vault.Id, vault.VaultName, true);
}
}
private static void Init()
{
var builder = new ConfigurationBuilder()
.AddJsonFile($"appsettings.json", true, true)
.AddEnvironmentVariables();
IConfigurationRoot Configuration = builder.Build();
// Retrieve configuration from sections
Settings.ConnectionString = Configuration.GetSection("ConnectionString")?.Value;
Settings.DatabaseId = Configuration.GetSection("DatabaseId")?.Value;
Settings.UserCollection = Configuration.GetSection("UserCollection")?.Value;
Settings.RabbitMQUsername = Configuration.GetSection("RabbitMQUsername")?.Value;
Settings.RabbitMQPassword = Configuration.GetSection("RabbitMQPassword")?.Value;
Settings.RabbitMQHostname = Configuration.GetSection("RabbitMQHostname")?.Value;
Settings.RabbitMQPort = Convert.ToInt16(Configuration.GetSection("RabbitMQPort")?.Value);
Settings.UserRegistrationQueueName = Configuration.GetSection("UserRegistrationQueueName")?.Value;
Settings.KeyVaultCertificateName = Configuration.GetSection("KeyVaultCertificateName")?.Value;
Settings.KeyVaultClientId = Configuration.GetSection("KeyVaultClientId")?.Value;
Settings.KeyVaultClientSecret = Configuration.GetSection("KeyVaultClientSecret")?.Value;
Settings.KeyVaultIdentifier = Configuration.GetSection("KeyVaultIdentifier")?.Value;
Settings.KeyVaultEncryptionKey = Configuration.GetSection("KeyVaultEncryptionKey")?.Value;
Settings.SendGridAPIKey = Configuration.GetSection("SendGridAPIKey")?.Value;
mongoDBConnectionInfo = new MongoDBConnectionInfo()
{
ConnectionString = Settings.ConnectionString,
DatabaseId = Settings.DatabaseId,
UserCollection = Settings.UserCollection
};
keyVaultConnectionInfo = new KeyVaultConnectionInfo()
{
CertificateName = Settings.KeyVaultCertificateName,
ClientId = Settings.KeyVaultClientId,
ClientSecret = Settings.KeyVaultClientSecret,
KeyVaultIdentifier = Settings.KeyVaultIdentifier
};
using (KeyVaultHelper keyVaultHelper = new KeyVaultHelper(keyVaultConnectionInfo))
{
secret = keyVaultHelper.GetVaultKeyAsync(Settings.KeyVaultEncryptionKey).Result;
}
using (BlockchainHelper blockchainHelper = new BlockchainHelper())
{
wordlist = blockchainHelper.ReadMnemonic();
}
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext <ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("OAuthConnection")));
services.AddIdentity <ApplicationUser, IdentityRole>((options) =>
{
options.Password.RequiredLength = 6;
options.Password.RequiredUniqueChars = 0;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequireDigit = false;
options.Password.RequireLowercase = false;
options.Password.RequireUppercase = false;
})
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddAuthentication()
.AddOAuthValidation()
.AddOpenIdConnectServer(options =>
{
options.UserinfoEndpointPath = "/api/v1/me";
options.TokenEndpointPath = "/api/v1/token";
options.AuthorizationEndpointPath = "/authorize/";
options.UseSlidingExpiration = false;
options.AllowInsecureHttp = true;
options.AccessTokenLifetime = TimeSpan.FromHours(1);
options.RefreshTokenLifetime =
TimeSpan.FromDays(365 * 1000);
options.AuthorizationCodeLifetime = TimeSpan.FromSeconds(60);
options.IdentityTokenLifetime = options.AccessTokenLifetime;
options.ProviderType = typeof(OAuthProvider);
// Register the HSM signing key.
var keyPath = Configuration.GetSection("KeyVault")["KeyPath"];
var keyVaultEndpoint = Configuration.GetSection("KeyVault")["KeyVaultEndpoint"];
options.SigningCredentials.AddKey(KeyVaultHelper.GetSigningKey(keyVaultEndpoint, keyPath));
});
// Add application services.
services.AddTransient <IEmailSender, EmailSender>();
services.AddScoped <OAuthProvider>();
services.AddTransient <ValidationService>();
services.AddTransient <TokenService>();
services.AddSingleton <IAuthorizationPolicyProvider, AuthorizationPolicyProvider>();
services.AddSingleton <IAuthorizationHandler, HasScopeHandler>();
services.AddMvc();
services.AddApplicationInsightsTelemetry();
}
/// <summary>
/// Process Record
/// </summary>
protected override void ProcessRecord()
{
bool Successful = KeyVaultHelper.SetItemsThrow(Id, VaultName, Location, VaultURI, SoftDeleteEnabled, Tags, Exact);
if (Passthru)
{
Data.KeyVault[] results = KeyVaultHelper.GetItems(null, VaultName, true);
// Unroll the object
foreach (Data.KeyVault result in results)
{
WriteObject(result);
}
}
}
private static void Init()
{
var builder = new ConfigurationBuilder()
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile("secrets/appsettings.secrets.json", optional: true)
.AddEnvironmentVariables();
IConfigurationRoot Configuration = builder.Build();
// Retrieve configuration from sections
ApplicationSettings.ConnectionString = Configuration.GetSection("ApplicationSettings:ConnectionString")?.Value;
ApplicationSettings.DatabaseId = Configuration.GetSection("ApplicationSettings:DatabaseId")?.Value;
ApplicationSettings.ReportCollection = Configuration.GetSection("ApplicationSettings:ReportCollection")?.Value;
ApplicationSettings.RabbitMQUsername = Configuration.GetSection("ApplicationSettings:RabbitMQUsername")?.Value;
ApplicationSettings.RabbitMQPassword = Configuration.GetSection("ApplicationSettings:RabbitMQPassword")?.Value;
ApplicationSettings.RabbitMQHostname = Configuration.GetSection("ApplicationSettings:RabbitMQHostname")?.Value;
ApplicationSettings.RabbitMQPort = Convert.ToInt16(Configuration.GetSection("ApplicationSettings:RabbitMQPort")?.Value);
ApplicationSettings.DispatchQueueName = Configuration.GetSection("ApplicationSettings:DispatchQueueName")?.Value;
ApplicationSettings.KeyVaultCertificateName = Configuration.GetSection("ApplicationSettings:KeyVaultCertificateName")?.Value;
ApplicationSettings.KeyVaultClientId = Configuration.GetSection("ApplicationSettings:KeyVaultClientId")?.Value;
ApplicationSettings.KeyVaultClientSecret = Configuration.GetSection("ApplicationSettings:KeyVaultClientSecret")?.Value;
ApplicationSettings.KeyVaultIdentifier = Configuration.GetSection("ApplicationSettings:KeyVaultIdentifier")?.Value;
ApplicationSettings.KeyVaultEncryptionKey = Configuration.GetSection("ApplicationSettings:KeyVaultEncryptionKey")?.Value;
ApplicationSettings.SendGridAPIKey = Configuration.GetSection("ApplicationSettings:SendGridAPIKey")?.Value;
mongoDBConnectionInfo = new MongoDBConnectionInfo()
{
ConnectionString = ApplicationSettings.ConnectionString,
DatabaseId = ApplicationSettings.DatabaseId,
UserCollection = ApplicationSettings.ReportCollection
};
keyVaultConnectionInfo = new KeyVaultConnectionInfo()
{
CertificateName = ApplicationSettings.KeyVaultCertificateName,
ClientId = ApplicationSettings.KeyVaultClientId,
ClientSecret = ApplicationSettings.KeyVaultClientSecret,
KeyVaultIdentifier = ApplicationSettings.KeyVaultIdentifier
};
using (KeyVaultHelper keyVaultHelper = new KeyVaultHelper(keyVaultConnectionInfo))
{
secret = keyVaultHelper.GetVaultKeyAsync(ApplicationSettings.KeyVaultEncryptionKey).Result;
}
pdfTools = new PdfTools();
converter = new SynchronizedConverter(pdfTools);
}
