Cache policy for key vault configuration
KeyVaultConfigurationCachePolicy Class Documentation
Ejemplo n.º 1
0
        /// <summary>
        /// Use key vault for application configuration. This provides a secure way of retrieving secrets at runtime (connection strings, passwords etc.)
        /// </summary>
        /// <param name="dependencyResolver">The dependency resolver</param>
        /// <param name="clientId">Client ID of the Azure AD application associated with the key vault (must be granted read access to secrets)</param>
        /// <param name="clientSecret">Client secret of the Azure AD application associated with the key vault (must be granted read access to secrets)</param>
        /// <param name="vaultUri">The URI of the key vault e.g. https://mykeyvault.vault.azure.net</param>
        /// <param name="useKeyVaultExclusively">Defaults to false in which case only application keys not found in the local configuration (app settings, cscfg etc.) will be looked up in the vault. True if everything should be looked up in the vault.</param>
        /// <param name="checkIfKeyVaultKeyExistsBeforeGet">If true then this checks if the key exists in the vault before attempting a get. This is expensive but currently helps with Powershell sync context / message pump issues.</param>
        /// <param name="cachePolicy">The cache policy, null for the default policy</param>
        /// <returns>The dependency resolver confiugred with a key vault used for application configuration</returns>
        public static IDependencyResolver UseAsyncKeyVaultApplicationConfiguration(this IDependencyResolver dependencyResolver,
            string clientId,
            string clientSecret,
            string vaultUri,
            bool useKeyVaultExclusively = false,
            KeyVaultConfigurationCachePolicy cachePolicy = null,
            bool checkIfKeyVaultKeyExistsBeforeGet = false)
        {
            if (cachePolicy == null)
            {
                cachePolicy = KeyVaultConfigurationCachePolicy.Default;
            }

            IAsyncConfiguration existingConfiguration = null;
            if (!useKeyVaultExclusively)
            {
                existingConfiguration = dependencyResolver.Resolve<IAsyncConfiguration>();
            }
            IAsyncConfiguration keyVaultConfiguration = new AsyncKeyVaultConfiguration(
                new KeyVault.Implementation.KeyVault(clientId, clientSecret, vaultUri, checkIfKeyVaultKeyExistsBeforeGet),
                dependencyResolver.Resolve<IKeyVaultConfigurationKeyEncoder>(),
                cachePolicy,
                existingConfiguration);
            dependencyResolver.Register(() => keyVaultConfiguration);

            return dependencyResolver;
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Constructor for a key vault based setting cache
        /// </summary>
        /// <param name="vault">The key vault to use</param>
        /// <param name="keyEncoder">An encoder setting names (key vault doesn't support URI encoding for setting names but, for example, if migrating from app.config you could have a . in a setting name</param>
        /// <param name="cachePolicy">The policy for the cache</param>
        /// <param name="localConfiguration"></param>
        public AsyncKeyVaultConfiguration(
            IKeyVault vault,
            IKeyVaultConfigurationKeyEncoder keyEncoder,
            KeyVaultConfigurationCachePolicy cachePolicy,
            IAsyncConfiguration localConfiguration = null)
        {
            _vault = vault;
            _keyEncoder = keyEncoder;
            _cachePolicy = cachePolicy;

            _localConfiguration = localConfiguration;
        }