public async void PexaApiTokenOtherKeyVaultExceptionThrows() { var query = new PexaApiTokenQuery() { AuthenticatedUser = new WCAUser() }; var keyVaultErrorException = new KeyVaultErrorException(); using (var pexaTestKeyVaultClient = new PexaTestKeyVaultClient(keyVaultErrorException)) using (var memoryCache = new MemoryCache(Options.Create(new MemoryCacheOptions()))) { var handlerUnderTest = new PexaApiTokenQueryHandler( pexaTestKeyVaultClient, new PexaApiTokenQuery.Validator(), memoryCache, Options.Create(new WCACoreSettings() { CredentialAzureKeyVaultUrl = "https://dummy" })); await Assert.ThrowsAsync <KeyVaultErrorException>(async() => { var result = await handlerUnderTest.Handle(query, new CancellationToken()); }); } }
private static void TryHandleException(KeyVaultErrorException ex) { if (IsNotFound(ex)) { throw new StorageException(ErrorCode.NotFound, ex); } }
public async void PexaApiTokenForbiddenReturnsNull() { var query = new PexaApiTokenQuery() { AuthenticatedUser = new WCAUser() }; using (var httpResponseMessage = new HttpResponseMessage(HttpStatusCode.Forbidden)) { var keyVaultErrorException = new KeyVaultErrorException() { Response = new HttpResponseMessageWrapper(httpResponseMessage, null) }; using (var pexaTestKeyVaultClient = new PexaTestKeyVaultClient(keyVaultErrorException)) using (var memoryCache = new MemoryCache(Options.Create(new MemoryCacheOptions()))) { var handlerUnderTest = new PexaApiTokenQueryHandler( pexaTestKeyVaultClient, new PexaApiTokenQuery.Validator(), memoryCache, Options.Create(new WCACoreSettings() { CredentialAzureKeyVaultUrl = "https://dummy" })); var result = await handlerUnderTest.Handle(query, new CancellationToken()); Assert.Null(result); } } }
private static bool TryHandleException(KeyVaultErrorException ex) { if (IsNotFound(ex)) { throw new StorageException(ErrorCode.NotFound, ex); } return(false); }
private static bool TryHandleException(KeyVaultErrorException ex) { if (ex.Body.Error.Code == "SecretNotFound") { throw new StorageException(ErrorCode.NotFound, ex); } return(false); }
private KeyVaultErrorException GetKeyVaultError(HttpStatusCode statusCode) { var responseMessage = new HttpResponseMessage(statusCode); var exception = new KeyVaultErrorException(); exception.Response = new HttpResponseMessageWrapper(responseMessage, content: ResponseContent); return(exception); }
// Given a KeyVaultErrorException, this will determine what status code we will // return to the caller. We will forward status codes related to unauhtorized // and return 500 for the rest. private HttpStatusCode GetResponseStatusCode(KeyVaultErrorException kve) { if (kve.Response == null) { return(HttpStatusCode.InternalServerError); } if (kve.Response.StatusCode == HttpStatusCode.Unauthorized || kve.Response.StatusCode == HttpStatusCode.Forbidden) { return(kve.Response.StatusCode); } // return 500 by default. return(HttpStatusCode.InternalServerError); }
public async Task GivenKeyVaultSecretStore_WhenDeletingSecretThrowsKeyVaultErrorExceptionWithNoResponse_ThenExceptionWillBeThrownWithInternalServerErrorStatusCode() { _retryCount = 0; _secretStore = GetSecretStore(_retryCount); KeyVaultErrorException exception = new KeyVaultErrorException(); _kvClient.DeleteSecretWithHttpMessagesAsync(_keyVaultUri.AbsoluteUri, SecretName, customHeaders: null, _cancellationToken) .Returns <AzureOperationResponse <DeletedSecretBundle> >( _ => throw exception); SecretStoreException sse = await Assert.ThrowsAsync <SecretStoreException>(() => _secretStore.DeleteSecretAsync(SecretName, _cancellationToken)); Assert.NotNull(sse); Assert.Equal(HttpStatusCode.InternalServerError, sse.ResponseStatusCode); }
public async Task GivenKeyVaultSecretStore_WhenDeletingSecretThrowsKeyVaultErrorExceptionWithNonRetriableStatusCode_ThenItWillNotBeRetried(HttpStatusCode statusCode) { _retryCount = 3; _secretStore = GetSecretStore(_retryCount); var successfulResult = GetSuccessfulDeletedResult(); KeyVaultErrorException exception = GetKeyVaultError(statusCode); _kvClient.DeleteSecretWithHttpMessagesAsync(_keyVaultUri.AbsoluteUri, SecretName, customHeaders: null, _cancellationToken) .Returns <AzureOperationResponse <DeletedSecretBundle> >( _ => throw exception, _ => successfulResult); await Assert.ThrowsAsync <SecretStoreException>(() => _secretStore.DeleteSecretAsync(SecretName, _cancellationToken)); }
public async Task GivenKeyVaultSecretStore_WhenSettingSecretThrowsKeyVaultErrorException_ThenExceptionWillBeThrownWithAppropriateStatusCode(HttpStatusCode keyVaultStatusCode, HttpStatusCode expectedStatusCode) { _retryCount = 0; _secretStore = GetSecretStore(_retryCount); KeyVaultErrorException exception = GetKeyVaultError(keyVaultStatusCode); _kvClient.SetSecretWithHttpMessagesAsync(_keyVaultUri.AbsoluteUri, SecretName, SecretValue, tags: null, contentType: null, secretAttributes: null, customHeaders: null, _cancellationToken) .Returns <AzureOperationResponse <SecretBundle> >( _ => throw exception); SecretStoreException sse = await Assert.ThrowsAsync <SecretStoreException>(() => _secretStore.SetSecretAsync(SecretName, SecretValue, _cancellationToken)); Assert.NotNull(sse); Assert.Equal(expectedStatusCode, sse.ResponseStatusCode); }
public async Task GivenKeyVaultSecretStore_WhenGettingSecretThrowsKeyVaultErrorExceptionWithRetriableStatusCodeForMaxRetryCount_ThenExceptionWillBeThrown() { _retryCount = 1; _secretStore = GetSecretStore(_retryCount); var successfulResult = GetSuccessfulResult(); KeyVaultErrorException exception = GetKeyVaultError(HttpStatusCode.ServiceUnavailable); _kvClient.GetSecretWithHttpMessagesAsync(_keyVaultUri.AbsoluteUri, SecretName, secretVersion: string.Empty, customHeaders: null, _cancellationToken) .Returns <AzureOperationResponse <SecretBundle> >( _ => throw exception, _ => throw exception, _ => successfulResult); await Assert.ThrowsAsync <SecretStoreException>(() => _secretStore.GetSecretAsync(SecretName, _cancellationToken)); }
public async Task GivenKeyVaultSecretStore_WhenGettingSecretThrowsKeyVaultErrorExceptionWithRetriableStatusCode_ThenItWillBeRetried(HttpStatusCode statusCode) { _retryCount = 3; _secretStore = GetSecretStore(_retryCount); var successfulResult = GetSuccessfulResult(); KeyVaultErrorException exception = GetKeyVaultError(statusCode); _kvClient.GetSecretWithHttpMessagesAsync(_keyVaultUri.AbsoluteUri, SecretName, secretVersion: string.Empty, customHeaders: null, _cancellationToken) .Returns <AzureOperationResponse <SecretBundle> >( _ => throw exception, _ => successfulResult); var result = await _secretStore.GetSecretAsync(SecretName, _cancellationToken); Assert.Equal(SecretValue, result.SecretValue); }
private static bool IsNotFound(KeyVaultErrorException ex) { return(ex.Body.Error.Code == "SecretNotFound"); }
public PexaTestKeyVaultClient(KeyVaultErrorException keyVaultErrorException) { _keyVaultErrorException = keyVaultErrorException; }
/// <summary> /// Gets the pending certificate signing request response. /// </summary> /// <param name='vaultBaseUrl'> /// The vault name, e.g. https://myvault.vault.azure.net /// </param> /// <param name='certificateName'> /// The name of the certificate /// </param> /// <param name='customHeaders'> /// Headers that will be added to request. /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> /// <return> /// A response object containing the response body and response headers. /// </return> public async Task <AzureOperationResponse <string> > GetPendingCertificateSigningRequestWithHttpMessagesAsync(string vaultBaseUrl, string certificateName, Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken)) { if (vaultBaseUrl == null) { throw new ValidationException(ValidationRules.CannotBeNull, "vaultBaseUrl"); } if (certificateName == null) { throw new ValidationException(ValidationRules.CannotBeNull, "certificateName"); } if (this.ApiVersion == null) { throw new ValidationException(ValidationRules.CannotBeNull, "this.ApiVersion"); } // Tracing bool _shouldTrace = ServiceClientTracing.IsEnabled; string _invocationId = null; if (_shouldTrace) { _invocationId = ServiceClientTracing.NextInvocationId.ToString(); Dictionary <string, object> tracingParameters = new Dictionary <string, object>(); tracingParameters.Add("vaultBaseUrl", vaultBaseUrl); tracingParameters.Add("certificateName", certificateName); tracingParameters.Add("cancellationToken", cancellationToken); ServiceClientTracing.Enter(_invocationId, this, "GetPendingCertificateSigningRequest", tracingParameters); } // Construct URL var _baseUrl = this.BaseUri; var _url = _baseUrl + (_baseUrl.EndsWith("/") ? "" : "/") + "certificates/{certificate-name}/pending"; _url = _url.Replace("{vaultBaseUrl}", vaultBaseUrl); _url = _url.Replace("{certificate-name}", Uri.EscapeDataString(certificateName)); List <string> _queryParameters = new List <string>(); if (this.ApiVersion != null) { _queryParameters.Add(string.Format("api-version={0}", Uri.EscapeDataString(this.ApiVersion))); } if (_queryParameters.Count > 0) { _url += "?" + string.Join("&", _queryParameters); } // Create HTTP transport objects HttpRequestMessage _httpRequest = new HttpRequestMessage(); HttpResponseMessage _httpResponse = null; _httpRequest.Method = new HttpMethod("GET"); _httpRequest.RequestUri = new Uri(_url); _httpRequest.Headers.Add("Accept", "application/pkcs10"); // Set Headers if (this.GenerateClientRequestId != null && this.GenerateClientRequestId.Value) { _httpRequest.Headers.TryAddWithoutValidation("x-ms-client-request-id", Guid.NewGuid().ToString()); } if (this.AcceptLanguage != null) { if (_httpRequest.Headers.Contains("accept-language")) { _httpRequest.Headers.Remove("accept-language"); } _httpRequest.Headers.TryAddWithoutValidation("accept-language", this.AcceptLanguage); } if (customHeaders != null) { foreach (var _header in customHeaders) { if (_httpRequest.Headers.Contains(_header.Key)) { _httpRequest.Headers.Remove(_header.Key); } _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value); } } // Serialize Request string _requestContent = null; // Set Credentials if (this.Credentials != null) { cancellationToken.ThrowIfCancellationRequested(); await this.Credentials.ProcessHttpRequestAsync(_httpRequest, cancellationToken).ConfigureAwait(false); } // Send Request if (_shouldTrace) { ServiceClientTracing.SendRequest(_invocationId, _httpRequest); } cancellationToken.ThrowIfCancellationRequested(); _httpResponse = await this.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false); if (_shouldTrace) { ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse); } HttpStatusCode _statusCode = _httpResponse.StatusCode; cancellationToken.ThrowIfCancellationRequested(); string _responseContent = null; if ((int)_statusCode != 200) { var ex = new KeyVaultErrorException(string.Format("Operation returned an invalid status code '{0}'", _statusCode)); try { _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); KeyVaultError _errorBody = SafeJsonConvert.DeserializeObject <KeyVaultError>(_responseContent, this.DeserializationSettings); if (_errorBody != null) { ex.Body = _errorBody; } } catch (JsonException) { // Ignore the exception } ex.Request = new HttpRequestMessageWrapper(_httpRequest, _requestContent); ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent); if (_shouldTrace) { ServiceClientTracing.Error(_invocationId, ex); } _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw ex; } // Create Result var _result = new AzureOperationResponse <string>(); _result.Request = _httpRequest; _result.Response = _httpResponse; if (_httpResponse.Headers.Contains("x-ms-request-id")) { _result.RequestId = _httpResponse.Headers.GetValues("x-ms-request-id").FirstOrDefault(); } // Deserialize Response if ((int)_statusCode == 200) { _result.Body = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); } if (_shouldTrace) { ServiceClientTracing.Exit(_invocationId, _result); } return(_result); }