public async Task KeyVaultSecretProvider_GetsRawSecretWithIncorrectSecretNameFormat_Throws(string secretName) { // Arrange KeyVaultSecretProvider provider = CreateSecretProviderWithTooManyRequestSimulation("some ignored secret value"); // Act / Assert await Assert.ThrowsAnyAsync <FormatException>(() => provider.GetRawSecretAsync(secretName)); }
public async Task RotateServiceBusSecrets_WithValidArguments_RotatesPrimarySecondaryAlternatively() { // Arrange var config = TestConfig.Create(); KeyRotationConfig keyRotationConfig = config.GetKeyRotationConfig(); _logger.LogInformation("Using Service Principal [ClientID: '{ClientId}']", keyRotationConfig.ServicePrincipal.ClientId); const ServiceBusEntityType entity = ServiceBusEntityType.Topic; var keyVaultAuthentication = new ServicePrincipalAuthentication( keyRotationConfig.ServicePrincipal.ClientId, keyRotationConfig.ServicePrincipal.ClientSecret); var keyVaultConfiguration = new KeyVaultConfiguration(keyRotationConfig.KeyVault.VaultUri); var secretProvider = new KeyVaultSecretProvider(keyVaultAuthentication, keyVaultConfiguration); AzureServiceBusClient azureServiceBusClient = CreateAzureServiceBusClient(keyRotationConfig, secretProvider, entity); var rotation = new AzureServiceBusKeyRotation(azureServiceBusClient, keyVaultAuthentication, keyVaultConfiguration, _logger); var client = new ServiceBusConfiguration(keyRotationConfig, _logger); AccessKeys keysBefore1stRotation = await client.GetConnectionStringKeysForTopicAsync(); // Act await rotation.RotateServiceBusSecretAsync(keyRotationConfig.KeyVault.SecretName); // Assert string secondaryConnectionString = await secretProvider.GetRawSecretAsync(keyRotationConfig.KeyVault.SecretName); AccessKeys keysAfter1stRotation = await client.GetConnectionStringKeysForTopicAsync(); Assert.True(secondaryConnectionString == keysAfter1stRotation.SecondaryConnectionString, "Secondary connection string should be set in Azure Key Vault after first rotation"); Assert.NotEqual(keysBefore1stRotation.PrimaryConnectionString, keysAfter1stRotation.PrimaryConnectionString); Assert.NotEqual(keysBefore1stRotation.SecondaryConnectionString, keysAfter1stRotation.SecondaryConnectionString); await rotation.RotateServiceBusSecretAsync(keyRotationConfig.KeyVault.SecretName); string primaryConnectionString = await secretProvider.GetRawSecretAsync(keyRotationConfig.KeyVault.SecretName); AccessKeys keysAfter2ndRotation = await client.GetConnectionStringKeysForTopicAsync(); Assert.True(primaryConnectionString == keysAfter2ndRotation.PrimaryConnectionString, "Primary connection string should be set in Azure Key Vault after second rotation"); Assert.NotEqual(keysAfter1stRotation.PrimaryConnectionString, keysAfter2ndRotation.PrimaryConnectionString); Assert.NotEqual(keysAfter2ndRotation.SecondaryConnectionString, keysAfter1stRotation.SecondaryConnectionString); }
public async Task KeyVaultSecretProvider_GetsRawSecretWithCorrectFormat(string secretName) { // Arrange string expected = $"secret-{Guid.NewGuid()}"; KeyVaultSecretProvider provider = CreateSecretProviderWithTooManyRequestSimulation(expected); // Act string actual = await provider.GetRawSecretAsync(secretName); // Assert Assert.Equal(actual, expected); }
public async Task KeyVaultSecretProvider_GetsRawSecretAsync_AfterRetriedTooManyRequestException() { // Arrange string expected = $"secret-value-{Guid.NewGuid()}"; string secretName = $"secret-name-{Guid.NewGuid()}"; KeyVaultSecretProvider provider = CreateSecretProviderWithTooManyRequestSimulation(expected); // Act string actual = await provider.GetRawSecretAsync(secretName); // Assert Assert.Equal(expected, actual); }