public async Task GetSecretMissing()
{
var manager = new KeyVaultManager(mockup.Get <IShellRunner>());
var result = await manager.GetSecret(TestVault, "NotFound");
Assert.Null(result);
}
private async Task <string> GetSecretAsync(string key)
{
KeyVaultManager keyManager = new KeyVaultManager();
var secret = await keyManager.GetSecretStringAsync(_keyVaultName, key);
return(secret);
}
public NotificationController(
IOptions <SubscriptionOptions> subscriptionOptions,
KeyVaultManager keyVaultManager)
{
this.SubscriptionOptions = subscriptionOptions;
this.KeyVaultManager = keyVaultManager;
}
private Azure(RestClient restClient, string subscriptionId, string tenantId, IAuthenticated authenticated)
{
resourceManager = ResourceManager.Fluent.ResourceManager.Authenticate(restClient).WithSubscription(subscriptionId);
storageManager = StorageManager.Authenticate(restClient, subscriptionId);
computeManager = ComputeManager.Authenticate(restClient, subscriptionId);
networkManager = NetworkManager.Authenticate(restClient, subscriptionId);
batchManager = BatchManager.Authenticate(restClient, subscriptionId);
keyVaultManager = KeyVaultManager.Authenticate(restClient, subscriptionId, tenantId);
trafficManager = TrafficManager.Fluent.TrafficManager.Authenticate(restClient, subscriptionId);
dnsZoneManager = DnsZoneManager.Authenticate(restClient, subscriptionId);
sqlManager = SqlManager.Authenticate(restClient, subscriptionId);
redisManager = RedisManager.Authenticate(restClient, subscriptionId);
cdnManager = CdnManager.Authenticate(restClient, subscriptionId);
appServiceManager = AppServiceManager.Authenticate(restClient, subscriptionId, tenantId);
searchManager = SearchManager.Authenticate(restClient, subscriptionId);
serviceBusManager = ServiceBusManager.Authenticate(restClient, subscriptionId);
containerInstanceManager = ContainerInstanceManager.Authenticate(restClient, subscriptionId);
registryManager = RegistryManager.Authenticate(restClient, subscriptionId);
containerServiceManager = ContainerServiceManager.Authenticate(restClient, subscriptionId);
cosmosDBManager = CosmosDBManager.Authenticate(restClient, subscriptionId);
authorizationManager = AuthorizationManager.Authenticate(restClient, subscriptionId);
msiManager = MsiManager.Authenticate(restClient, subscriptionId);
batchAIManager = BatchAIManager.Authenticate(restClient, subscriptionId);
monitorManager = MonitorManager.Authenticate(restClient, subscriptionId);
eventHubManager = EventHubManager.Authenticate(restClient, subscriptionId);
SubscriptionId = subscriptionId;
this.authenticated = authenticated;
}
public async Task GetSecret()
{
var manager = new KeyVaultManager(mockup.Get <IShellRunner>());
var result = (await manager.GetSecret(TestVault, TestKey));
Assert.Equal(result, TestValue);
}
public async Task ExistsNot()
{
var manager = new KeyVaultManager(mockup.Get <IShellRunner>());
var result = await manager.Exists(TestVault + "doesnotexist");
Assert.False(result);
}
public async Task Exists()
{
var manager = new KeyVaultManager(mockup.Get <IShellRunner>());
var result = await manager.Exists(TestVault);
Assert.True(result);
}
public static async Task Run(
[TimerTrigger("0 0 5 * * *")] TimerInfo myTimer
, ILogger log
, [Blob("opml-file/SeanKilleenBlogs.opml", FileAccess.Write)] Stream blobOutput)
{
log.LogInformation($"C# Timer trigger function executed at: {DateTime.Now}");
var accessToken = await KeyVaultManager.GetFeedlyAccessToken();
var opmlXml = await FeedlyManager.GetOpmlContents(accessToken);
var categories = new List <string> {
"development", "tech", "development - discover.net", "devops", "agile"
};
var filteredDoc = OpmlFilterer.FilterToCategories(opmlXml, categories);
log.LogInformation("After filtering: ");
log.LogInformation(filteredDoc);
var filterAndLabeledDoc = OpmlLabeler.LabelOpmlFile(filteredDoc);
log.LogInformation("After labeling: ");
log.LogInformation(filterAndLabeledDoc);
log.LogInformation("Saving to the blob");
var thing = Encoding.Default.GetBytes(filterAndLabeledDoc);
await blobOutput.WriteAsync(thing, 0, thing.Length);
log.LogInformation("Finished!");
}
public static IKeyVaultManager CreateKeyVaultManager()
{
return(CreateMockedManager(c => KeyVaultManager
.Configure()
.WithDelegatingHandlers(GetHandlers())
.WithLogLevel(HttpLoggingDelegatingHandler.Level.BodyAndHeaders)
.Authenticate(c, c.DefaultSubscriptionId)));
}
private async Task <string> GetSecretAsync(ApiResult setting)
{
string key = setting.Result?.ToString();
KeyVaultManager keyManager = new KeyVaultManager();
var secret = await keyManager.GetSecretStringAsync(_keyVaultName, key);
return(secret);
}
public SecretProvider()
{
this.keyvaultManager = new KeyVaultManager(
AadClientId,
AadClientUrl,
CertificateThumbprint);
this.GoogleSheetsConfig = this.keyvaultManager.GetSecret(GoogleSheetsConfigSecretName);
this.TelegramBotToken = this.keyvaultManager.GetSecret(TelegramTokenSecretName);
this.BlobStorageConnectionString = this.keyvaultManager.GetSecret(BlobStorageConnectionStringSecretName);
}
private static IConfigurationRoot MergeInKeyVaultConfig(IConfigurationRoot config, string keyVaultName)
{
IConfigurationBuilder configBuilder = new ConfigurationBuilder();
configBuilder.AddConfiguration(config);
List <KeyValuePair <string, string> > secretsList = KeyVaultManager.DownloadKeyVaultValues(keyVaultName);
configBuilder.AddInMemoryCollection(secretsList);
return(configBuilder.Build());
}
public SubscriptionController(ISubscriptionStore subscriptionStore,
ITokenAcquisition tokenAcquisition,
KeyVaultManager keyVaultManager,
IOptions <SubscriptionOptions> subscriptionOptions,
IOptions <AppSettings> appSettings)
{
this.subscriptionStore = subscriptionStore;
this.tokenAcquisition = tokenAcquisition;
this.keyVaultManager = keyVaultManager ?? throw new ArgumentNullException(nameof(keyVaultManager));
this.subscriptionOptions = subscriptionOptions ?? throw new ArgumentNullException(nameof(subscriptionOptions));
this.appSettings = appSettings ?? throw new ArgumentNullException(nameof(appSettings));
}
public SubscriptionController(ISubscriptionStore subscriptionStore,
ITokenAcquisition tokenAcquisition,
KeyVaultManager keyVaultManager,
IOptions <SubscriptionOptions> subscriptionOptions,
IOptions <DownstreamApiSettings> appSettings,
GraphServiceClient graphServiceClient)
{
this.subscriptionStore = subscriptionStore;
this.tokenAcquisition = tokenAcquisition;
this.keyVaultManager = keyVaultManager ?? throw new ArgumentNullException(nameof(keyVaultManager));
this.subscriptionOptions = subscriptionOptions ?? throw new ArgumentNullException(nameof(subscriptionOptions));
this.appSettings = appSettings ?? throw new ArgumentNullException(nameof(appSettings));
this.graphServiceClient = graphServiceClient ?? throw new ArgumentNullException(nameof(graphServiceClient));
}
// ReSharper disable once UnusedParameter.Global
public static async Task Run([TimerTrigger("0 0 */6 * * *")] TimerInfo myTimer, ILogger log)
{
log.LogInformation($"RefreshFeedlyAuthToken function executed at: {DateTime.Now}");
log.LogInformation($"UserId: {userId}");
log.LogInformation("Getting current access token contents from key vault");
var accessToken = await KeyVaultManager.GetFeedlyAccessToken();
log.LogInformation("Getting refreshed access token from Feedly API");
var feedlyResponse = await FeedlyManager.RefreshFeedlyAccessToken(accessToken, log, refreshToken);
log.LogInformation("Setting the secret in the key vault");
await KeyVaultManager.UpdateFeedlyAccessToken(feedlyResponse.access_token);
log.LogInformation("Successfully updated token in the key vault");
}
public NotificationController(ISubscriptionStore subscriptionStore,
IHubContext <NotificationHub> notificationHub,
ILogger <NotificationController> logger,
ITokenAcquisition tokenAcquisition,
IOptions <MicrosoftIdentityOptions> identityOptions,
KeyVaultManager keyVaultManager,
IOptions <AppSettings> appSettings,
IOptions <SubscriptionOptions> subscriptionOptions)
{
this.subscriptionStore = subscriptionStore;
this.notificationHub = notificationHub;
this.logger = logger;
this.tokenAcquisition = tokenAcquisition;
this.identityOptions = identityOptions ?? throw new ArgumentNullException(nameof(identityOptions));
this.keyVaultManager = keyVaultManager ?? throw new ArgumentNullException(nameof(keyVaultManager));
this.appSettings = appSettings ?? throw new ArgumentNullException(nameof(appSettings));
this.subscriptionOptions = subscriptionOptions ?? throw new ArgumentNullException(nameof(subscriptionOptions));
}
static async Task MainAsync(string[] args)
{
var secretName = "AMSAccountSettings";
try
{
var secretSettingsManager = new KeyVaultManager<ProtectedApplicationSettings>();
var securedConfigSettings = await secretSettingsManager.GetSecretFromJson(secretName);
Console.WriteLine("Storage Key Retrieved from KeyVault: {0}", securedConfigSettings.AzureStorageKey);
}
catch (Exception ex)
{
Console.BackgroundColor = ConsoleColor.Red;
Console.WriteLine("Error Retriving Vault Secret {0} . Error Detail {1}", secretName, ex.Message);
}
Console.WriteLine("Press any key to finish");
Console.ReadLine();
}
private async Task CreateVaultAsync(IResourceGroup resourceGroup, string certificateAuthorityPrincipalId)
{
var vault = await KeyVaultManager
.Authenticate(_azureCredentials, _configuration.SubscriptionId)
.Vaults
.Define(_configuration.ResourceNamePrefix + "Vault")
.WithRegion(_configuration.RegionName)
.WithExistingResourceGroup(resourceGroup)
.DefineAccessPolicy()
.ForObjectId(_currentUserObjectId)
.AllowCertificatePermissions(CertificatePermissions.List, CertificatePermissions.Get, CertificatePermissions.Import,
CertificatePermissions.Create, CertificatePermissions.Update, CertificatePermissions.Delete)
.AllowKeyPermissions(KeyPermissions.Sign) // This is required for local testing & debugging. Would remove for production.
.Attach()
.DefineAccessPolicy()
.ForObjectId(certificateAuthorityPrincipalId)
.AllowKeyPermissions(KeyPermissions.Sign)
.AllowCertificatePermissions(CertificatePermissions.Get)
.Attach()
.CreateAsync();
Console.WriteLine($"Successfully created or updated key vault '{vault.Name}'");
}
/// <summary>
/// DI Controller
/// </summary>
public SecurityController(IOptions <DeviceProvisioningOptions> config, KeyVaultManager keyVaultManager)
{
_config = config.Value;
_keyVaultManager = keyVaultManager;
}
public async Task LockSecrets()
{
var manager = new KeyVaultManager(mockup.Get <IShellRunner>());
await manager.LockSecrets(TestVault, config.UserGuid);
}
/// <summary>
/// This is the main entry point for your service instance.
/// </summary>
/// <param name="cancellationToken">Canceled when Service Fabric needs to shut down this service instance.</param>
protected override async Task RunAsync(CancellationToken cancellationToken)
{
var configPackage = FabricRuntime.GetActivationContext().GetConfigurationPackageObject("Config");
var inputConfig = configPackage.Settings.Sections["InputConfig"];
KeyVaultManager keyManager = new KeyVaultManager();
string keyVaultName = inputConfig.Parameters["KeyVaultName"].Value;
string iotDeviceConnectionStringKeyVaultKeyName = inputConfig.Parameters["IotDeviceConnectionStringKeyVaultKeyName"].Value;
string eventhubConnectionStringKeyVaultKeyName = inputConfig.Parameters["EventhubConnectionStringKeyVaultKeyName"].Value;
string dataSchemaStorageAccountKeyValueKeyVaultKeyName = inputConfig.Parameters["DataSchemaStorageAccountKeyValueKeyVaultKeyName"].Value;
string iotDeviceConnectionString = (iotDeviceConnectionStringKeyVaultKeyName.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, iotDeviceConnectionStringKeyVaultKeyName) : "";
string ehConnectionString = (eventhubConnectionStringKeyVaultKeyName.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, eventhubConnectionStringKeyVaultKeyName) : "";
string dataSchemaStorageAccountName = inputConfig.Parameters["DataSchemaStorageAccountName"].Value;
string dataSchemaStorageAccountKeyValue = (dataSchemaStorageAccountKeyValueKeyVaultKeyName.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, dataSchemaStorageAccountKeyValueKeyVaultKeyName) : "";
string dataSchemaStorageContainerName = inputConfig.Parameters["DataSchemaStorageContainerName"].Value;
List <string> dataSchemaPathsWithinContainer = Array.ConvertAll(inputConfig.Parameters["DataSchemaPathWithinContainer"].Value.Split(','), p => p.Trim()).ToList();
KafkaConnection kafkaEnabledEventHubConn = new KafkaConnection
{
Topics = (inputConfig.Parameters["KafkaTopics"].Value.Length > 0) ? Array.ConvertAll(inputConfig.Parameters["KafkaTopics"].Value.Split(','), p => p.Trim()).ToList() : new List <string>(),
ConnectionString = (inputConfig.Parameters["KafkaConnectionStringKeyVaultKeyName"].Value.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, inputConfig.Parameters["KafkaConnectionStringKeyVaultKeyName"].Value) : ""
};
KafkaConnection kafkaHDInsightConn = new KafkaConnection
{
Topics = (inputConfig.Parameters["KafkaHDInsightTopics"].Value.Length > 0) ? Array.ConvertAll(inputConfig.Parameters["KafkaHDInsightTopics"].Value.Split(','), p => p.Trim()).ToList() : new List <string>(),
BootstrapServers = (inputConfig.Parameters["KafkaHDInsightBrokersKeyVaultKeyName"].Value.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, inputConfig.Parameters["KafkaHDInsightBrokersKeyVaultKeyName"].Value) : ""
};
if (!string.IsNullOrEmpty(kafkaEnabledEventHubConn.ConnectionString))
{
Regex regex = new Regex(@"sb?://([\w\d\.]+).*");
kafkaEnabledEventHubConn.BootstrapServers = regex.Match(kafkaEnabledEventHubConn.ConnectionString).Groups[1].Value + ":9093";
WebClient webClient = new WebClient();
webClient.DownloadFile("https://curl.haxx.se/ca/cacert.pem", @".\cacert.pem");
}
List <DataSchema> dataSchemaList = new List <DataSchema>();
foreach (var dataSchemaPathWithinContainer in dataSchemaPathsWithinContainer)
{
var dataSchemaFileContent = await GetDataSchemaAndRules(dataSchemaStorageAccountName, dataSchemaStorageAccountKeyValue, dataSchemaStorageContainerName, dataSchemaPathWithinContainer);
dataSchemaFileContent.currentCounter = 1;
dataSchemaList.Add(dataSchemaFileContent);
}
Stopwatch stopwatchDelay = new Stopwatch();
Stopwatch stopwatchThreshold = new Stopwatch();
stopwatchThreshold.Start();
DataGen dataGenInstance = new DataGen();
while (true)
{
stopwatchDelay.Restart();
cancellationToken.ThrowIfCancellationRequested();
if (stopwatchThreshold.Elapsed.TotalMinutes >= 1440)
{
stopwatchThreshold.Restart();
}
foreach (var dataSchemaFileContent in dataSchemaList)
{
if (dataSchemaFileContent.currentCounter >= dataSchemaFileContent.rulesCounterRefreshInMinutes)
{
dataSchemaFileContent.currentCounter = 1;
}
List <JObject> dataStreams = new List <JObject>();
foreach (var ds in dataSchemaFileContent.dataSchema)
{
if (stopwatchThreshold.Elapsed.Minutes % ds.simulationPeriodInMinute == 0)
{
//generate random data
dataGenInstance.GenerateRandomData(dataStreams, ds);
//generate rules triggering data only for the 0th node in SF to avoid data duplication
if ((ds.rulesData != null) && (this.Context.NodeContext.NodeName.Substring(this.Context.NodeContext.NodeName.Length - 1) == "0"))
{
dataGenInstance.GenerateDataRules(dataStreams, ds, dataSchemaFileContent.currentCounter);
}
}
}
if (dataStreams.Count > 0)
{
await SendData(dataStreams, ehConnectionString, iotDeviceConnectionString, kafkaEnabledEventHubConn, kafkaHDInsightConn);
}
dataSchemaFileContent.currentCounter++;
}
var setDelay = ((60 - stopwatchDelay.Elapsed.TotalSeconds) > 0) ? (60 - stopwatchDelay.Elapsed.TotalSeconds) : 1;
await Task.Delay(TimeSpan.FromSeconds(setDelay), cancellationToken);
}
}
public async Task SetSecret()
{
var manager = new KeyVaultManager(mockup.Get <IShellRunner>());
await manager.SetSecret(TestVault, TestKey, TestValue);
}
public PassHashController(IConfiguration config, KeyVaultManager kvm)
{
_config = config;
_kvMgr = kvm;
}
/// <summary>
/// This is the main entry point for your service instance.
/// </summary>
/// <param name="cancellationToken">Canceled when Service Fabric needs to shut down this service instance.</param>
protected override async Task RunAsync(CancellationToken cancellationToken)
{
var configPackage = FabricRuntime.GetActivationContext().GetConfigurationPackageObject("Config");
var inputConfig = configPackage.Settings.Sections["InputConfig"];
KeyVaultManager keyManager = new KeyVaultManager();
string keyVaultName = inputConfig.Parameters["KeyVaultName"].Value;
string iotDeviceConnectionStringKeyVaultKeyName = inputConfig.Parameters["IotDeviceConnectionStringKeyVaultKeyName"].Value;
string eventhubConnectionStringKeyVaultKeyName = inputConfig.Parameters["EventhubConnectionStringKeyVaultKeyName"].Value;
string dataSchemaStorageAccountKeyValueKeyVaultKeyName = inputConfig.Parameters["DataSchemaStorageAccountKeyValueKeyVaultKeyName"].Value;
string iotDeviceConnectionString = (iotDeviceConnectionStringKeyVaultKeyName.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, iotDeviceConnectionStringKeyVaultKeyName) : "";
string ehConnectionString = (eventhubConnectionStringKeyVaultKeyName.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, eventhubConnectionStringKeyVaultKeyName) : "";
string dataSchemaStorageAccountName = inputConfig.Parameters["DataSchemaStorageAccountName"].Value;
string dataSchemaStorageAccountKeyValue = (dataSchemaStorageAccountKeyValueKeyVaultKeyName.Length > 0) ? await keyManager.GetSecretStringAsync(keyVaultName, dataSchemaStorageAccountKeyValueKeyVaultKeyName) : "";
string dataSchemaStorageContainerName = inputConfig.Parameters["DataSchemaStorageContainerName"].Value;
string dataSchemaPathWithinContainer = inputConfig.Parameters["DataSchemaPathWithinContainer"].Value;
var dataSchemaFileContent = await GetDataSchemaAndRules(dataSchemaStorageAccountName, dataSchemaStorageAccountKeyValue, dataSchemaStorageContainerName, dataSchemaPathWithinContainer);
Stopwatch stopwatchDelay = new Stopwatch();
Stopwatch stopwatchThreshold = new Stopwatch();
stopwatchThreshold.Start();
DataGen dataGenInstance = new DataGen();
while (true)
{
stopwatchDelay.Restart();
cancellationToken.ThrowIfCancellationRequested();
if (stopwatchThreshold.Elapsed.TotalMinutes >= 1440)
{
stopwatchThreshold.Restart();
}
if (_counter >= dataSchemaFileContent.rulesCounterRefreshInMinutes)
{
_counter = 1;
}
List <JObject> dataStreams = new List <JObject>();
foreach (var ds in dataSchemaFileContent.dataSchema)
{
if (stopwatchThreshold.Elapsed.Minutes % ds.simulationPeriodInMinute == 0)
{
//generate random data
dataGenInstance.GenerateRandomData(dataStreams, ds);
//generate rules triggering data only for the 0th node in SF to avoid data duplication
if ((ds.rulesData != null) && (this.Context.NodeContext.NodeName.Substring(this.Context.NodeContext.NodeName.Length - 1) == "0"))
{
dataGenInstance.GenerateDataRules(dataStreams, ds, _counter);
}
}
}
if (dataStreams.Count > 0)
{
await SendData(ehConnectionString, iotDeviceConnectionString, dataStreams);
}
_counter++;
var setDelay = ((60 - stopwatchDelay.Elapsed.TotalSeconds) > 0) ? (60 - stopwatchDelay.Elapsed.TotalSeconds) : 1;
await Task.Delay(TimeSpan.FromSeconds(setDelay), cancellationToken);
}
}
